jsing [Wed, 21 Jun 2023 07:56:43 +0000 (07:56 +0000)]
Provide optimised bn_clzw() for aarch64.
claudio [Wed, 21 Jun 2023 07:54:54 +0000 (07:54 +0000)]
Simplify and clean up the code. Try to use more ibuf idioms but the
mix of types used in these functions make this rather hard.
The expected data checks are still not great but a step in the right
direction.
OK tb@
claudio [Wed, 21 Jun 2023 07:49:24 +0000 (07:49 +0000)]
Convert string2binary() to use new ibuf api instead of working with an
extra buffer first.
OK tb@
jsing [Wed, 21 Jun 2023 07:48:41 +0000 (07:48 +0000)]
Provide and use bn_clzw() in place of bn_word_clz().
On some architectures, we can provide an optimised (often single
instruction) count-leading-zero implementation. In order to do this
effectively, provide bn_clzw() as a static inline that can be replaced
by an architecture specific version. The default implementation defers
to the bn_word_clz() function (which may also be architecture specific).
ok tb@
claudio [Wed, 21 Jun 2023 07:45:47 +0000 (07:45 +0000)]
Update ospf6d to use new ibuf api.
This mostly moves away from memcpy(ibuf_seek(buf, off, size), data, size) to
ibuf_set(buf, off, data, size). Also ibuf_reserve() is replaced with
ibuf_add_zero().
OK tb@
claudio [Wed, 21 Jun 2023 07:44:08 +0000 (07:44 +0000)]
Remove extra newlines
jsing [Wed, 21 Jun 2023 07:41:55 +0000 (07:41 +0000)]
Make BN_num_bits() independent of bn->top.
Provide bn_bitsize(), which performs a constant time scan of a BN in order
to determine the bit size of the BN value. Use this for BN_num_bits() such
that it is no longer dependent on the bn->top value.
ok tb@
jsing [Wed, 21 Jun 2023 07:18:10 +0000 (07:18 +0000)]
Add tests for BN_sqr() corner cases.
Test BN_sqr() with a newly allocated BN, a BN explicitly set to zero and
small values that fit in a single BN_ULONG.
jsing [Wed, 21 Jun 2023 07:16:08 +0000 (07:16 +0000)]
Add BN_cmp()/BN_ucmp() tests with zero padded inputs.
Currently BN_hex2bn() removes the leading zeros, however this will not be
the case in the future.
jsing [Wed, 21 Jun 2023 07:15:38 +0000 (07:15 +0000)]
Add a BN_num_bits() with zero padded input.
Currently BN_hex2bn() removes the leading zeros, however this will not be
the case in the future.
nicm [Wed, 21 Jun 2023 06:28:18 +0000 (06:28 +0000)]
Check fdopen return value, from Christian Menges.
djm [Wed, 21 Jun 2023 05:10:26 +0000 (05:10 +0000)]
better validate CASignatureAlgorithms in ssh_config and sshd_config.
Previously this directive would accept certificate algorithm names, but
these were unusable in practice as OpenSSH does not support CA chains.
part of bz3577; ok dtucker@
djm [Wed, 21 Jun 2023 05:08:32 +0000 (05:08 +0000)]
make `ssh -Q CASignatureAlgorithms` only list signature algorithms that
are valid for CA signing. Previous behaviour was to list all signing
algorithms, including certificate algorithms (OpenSSH certificates do
not support CA chains). part of bz3577; ok dtucker@
djm [Wed, 21 Jun 2023 05:06:04 +0000 (05:06 +0000)]
handle rlimits > INT_MAX (rlim_t is u64); ok dtucker
bz3581
jsg [Wed, 21 Jun 2023 01:10:17 +0000 (01:10 +0000)]
call rk3328 not rk3288 functions in rk3328_pinctrl()
tested by and ok kettenis@
djm [Tue, 20 Jun 2023 23:59:33 +0000 (23:59 +0000)]
prepare for support for connecting to unix domain sockets using ssh -W
by explicitly decoding PORT_STREAMLOCAL (a negative number) from the u32
that's passed over the multiplexing socket; previously code would just
cast, which is UB.
cheloha [Tue, 20 Jun 2023 16:30:30 +0000 (16:30 +0000)]
schedcpu, uvm_meter(9): make uvm_meter() an independent timeout
uvm_meter(9) should not base its periodic uvm_loadav() call on the UTC
clock. It also no longer needs to periodically wake up proc0 because
proc0 doesn't do any work. schedcpu() itself may change or go away,
but as kettenis@ notes we probably can't completely remove the concept
of a "load average" from OpenBSD, given its long Unix heritage.
So, (1) remove the uvm_meter() call from schedcpu(), (2) make
uvm_meter() an independent timeout started alongside schedcpu() during
scheduler_start(), and (3) delete the vestigial periodic proc0 wakeup.
With input from deraadt@, kettenis@, and claudio@. deraadt@ cautions
that this change may confuse administrators who hold the load average
in high regard.
Thread: https://marc.info/?l=openbsd-tech&m=
168710929409153&w=2
general agreement with this direction from kettenis@
ok claudio@
claudio [Tue, 20 Jun 2023 15:19:55 +0000 (15:19 +0000)]
Update ospfd to use new ibuf api.
This mostly moves away from memcpy(ibuf_seek(buf, off, size), data, size) to
ibuf_set(buf, off, data, size). Also ibuf_reserve() is replaced with
ibuf_add_zero().
OK tb@
claudio [Tue, 20 Jun 2023 15:15:14 +0000 (15:15 +0000)]
Use new ibuf API in rpki-client.
Use ibuf_fd_get/set/avail in the file descriptor passing code.
Switch some ibuf_seek() calls to ibuf_set() and use ibuf_add_zero() instead
of ibuf_reserve().
OK tb@ job@
espie [Tue, 20 Jun 2023 14:50:05 +0000 (14:50 +0000)]
tweak fragment handling error messages a bit
don't pass parameters we don't need
tb [Tue, 20 Jun 2023 14:37:15 +0000 (14:37 +0000)]
Consolidate elliptic curve cofactor handling
The various checks of the cofactor to be set in EC_GROUP_set_generator()
are a bit all over the place. Move them into a single function and clean
things up a little. Instead of calculating directly with the cofactor
member of the group, use a temporary variable and copy this variable only
if all tests passed. In cryptographic contexts the cofactor almost always
fits if not into a single byte then into a word, so copying is cheap.
Also streamline the computations a bit and remove some binary curve
contortions.
ok jsing
tb [Tue, 20 Jun 2023 14:21:19 +0000 (14:21 +0000)]
Improve certificate version checks in x509v3_cache_extensions()
Only allow version v1-v3, disallow issuerUID and subjectUID in v1 certs
and require that if X509v3 extensions are present that the cert be v3.
Initial diff from job
ok job jsing
tb [Tue, 20 Jun 2023 14:14:00 +0000 (14:14 +0000)]
Rename all occurrences of e in this file to engine
Requested by jsing
tb [Tue, 20 Jun 2023 14:12:51 +0000 (14:12 +0000)]
Rename int_ctx_new() into evp_pkey_ctx_new()
int_ctx_new() is a bad, generic, nondescriptive name.
requested by jsing
tb [Tue, 20 Jun 2023 14:10:05 +0000 (14:10 +0000)]
Clean up and fix int_ctx_new()
Compare explicitly against NULL, ensure the engine is always finished on
error, switch to using calloc() instead of malloc() + forgetting to set
some members to 0, use EVP_PKEY_up_ref() and also use pkey_ctx instead of
ret for the newly created EVP_PKEY_CTX.
ok jsing
tb [Tue, 20 Jun 2023 14:05:46 +0000 (14:05 +0000)]
Clean up EVP_PKEY_CTX_meth_dup()
Explicitly check against NULL, replace malloc() plus manual zeroing with
calloc(). Use EVP_PKEY_up_ref() rather than handrolling it and use a more
normal error idiom.
There still seems to be a bug in here in that the ENGINE's refcount isn't
bumped, but that will be investigated and fixed separately.
ok jsing
job [Tue, 20 Jun 2023 12:52:32 +0000 (12:52 +0000)]
Update regress to align with recent changes in rpki-client
job [Tue, 20 Jun 2023 12:48:32 +0000 (12:48 +0000)]
Ensure CRLs carry the correct version
OK tb@
job [Tue, 20 Jun 2023 12:39:50 +0000 (12:39 +0000)]
Add compliance checks for the version, KU, and EKU of TAK/MFT/GBR EE certs
OK tb@
job [Tue, 20 Jun 2023 12:28:08 +0000 (12:28 +0000)]
Ensure the X.509 version is V3
OK tb@
krw [Tue, 20 Jun 2023 11:52:08 +0000 (11:52 +0000)]
Take more care to ensure name_to_string() always returns a proper
string. Don't rely on GPT partition name containing a terminating
zero or the reserved bytes beyond gp_name being properly
initialized to zero.
job [Tue, 20 Jun 2023 11:06:47 +0000 (11:06 +0000)]
Be explicit when SIA is without rsync accessLocation
OK tb@
kn [Tue, 20 Jun 2023 10:59:47 +0000 (10:59 +0000)]
Sync with reality after the API was revamped years ago, explain functions
in paragraphs like task_add(9) and timeout_add(9) do instead of a list.
This certainly needs more polish.
OK jmc
claudio [Tue, 20 Jun 2023 09:54:57 +0000 (09:54 +0000)]
Replace a ibuf_reserve() dance to add a NUL byte with ibuf_add_zero(buf, 1).
Same thing but far less nasty.
OK tb@
kettenis [Tue, 20 Jun 2023 09:26:36 +0000 (09:26 +0000)]
Fix definition of EMMC_DLL_TXCLK register offset.
ok dlg@
jsg [Tue, 20 Jun 2023 06:53:29 +0000 (06:53 +0000)]
responsibilty -> responsibility
tb [Tue, 20 Jun 2023 06:46:07 +0000 (06:46 +0000)]
Fix copy-paste error
jsing [Tue, 20 Jun 2023 06:36:09 +0000 (06:36 +0000)]
Add regress coverage for BN_num_bits()
jmc [Tue, 20 Jun 2023 05:56:19 +0000 (05:56 +0000)]
- filedescriptor -> file descriptor, as per the rest of the page
- missing full stop
job [Tue, 20 Jun 2023 02:46:18 +0000 (02:46 +0000)]
Fix diagnostic values emitted in warnx
OK tb@
jsg [Tue, 20 Jun 2023 02:42:15 +0000 (02:42 +0000)]
drm/amd/display: Reduce sdp bw after urgent to 90%
From Alvin Lee
8953be60ec33cba8289a855a886f64508f8c2c0c in linux-6.1.y/6.1.34
e1a600208286c197c2696e51fc313e49889315bd in mainline linux
jsg [Tue, 20 Jun 2023 02:40:31 +0000 (02:40 +0000)]
drm/amd/pm: Fix power context allocation in SMU13
From Lijo Lazar
8695a443ad8f38e239b2080f02c4d739d6e33686 in linux-6.1.y/6.1.34
1d13c49cf4e246b218d71873f1bb1bbd376aa10e in mainline linux
jsg [Tue, 20 Jun 2023 02:38:42 +0000 (02:38 +0000)]
drm/amdgpu: change reserved vram info print
From YiPeng Chai
8e143bae25cdbab69ea3e2e7bb6faf7711ce7583 in linux-6.1.y/6.1.34
dac652220ba0e5a2ef2da2a47a60b60aea333fdb in mainline linux
jsg [Tue, 20 Jun 2023 02:37:06 +0000 (02:37 +0000)]
drm/amdgpu: fix xclk freq on CHIP_STONEY
From Chia-I Wu
34419aa0b448b0eee941102793893e0e256abda1 in linux-6.1.y/6.1.34
b447b079cf3a9971ea4d31301e673f49612ccc18 in mainline linux
jsg [Tue, 20 Jun 2023 02:35:50 +0000 (02:35 +0000)]
drm/amd/pm: conditionally disable pcie lane switching for some sienna_cichlid SKUs
From Evan Quan
416ba40ff3c4ecafbed19029c9e9884a7fee3da5 in linux-6.1.y/6.1.34
38e4ced804796c5725e2a52ec3601951552c4a97 in mainline linux
jsg [Tue, 20 Jun 2023 02:31:50 +0000 (02:31 +0000)]
drm/i915/gt: Use the correct error value when kernel_context() fails
From Andi Shyti
8d42c563e4ddbe2d0d71249f137b02daa66972db in linux-6.1.y/6.1.34
40023959dbab3c6ad56fa7213770e63d197b69fb in mainline linux
jsg [Tue, 20 Jun 2023 02:30:04 +0000 (02:30 +0000)]
drm/amdgpu: fix Null pointer dereference error in amdgpu_device_recover_vram
From Horatio Zhang
c5a17f3247bd7f6c2e22678dbfcd73832f487e3f in linux-6.1.y/6.1.34
2a1eb1a343208ce7d6839b73d62aece343e693ff in mainline linux
jsg [Tue, 20 Jun 2023 02:28:16 +0000 (02:28 +0000)]
drm/i915/selftests: Add some missing error propagation
From Tvrtko Ursulin
76eef453a675794e98400c8889446b1503a9dfa6 in linux-6.1.y/6.1.34
79d0150d2d983a4f6efee676cea06027f586fcd0 in mainline linux
jsg [Tue, 20 Jun 2023 02:26:56 +0000 (02:26 +0000)]
drm/i915/selftests: Stop using kthread_stop()
From Tvrtko Ursulin
4e7f1f6da79e1acda58b738e34ff972821d13072 in linux-6.1.y/6.1.34
6407cf533217e09dfd895e64984c3f1ee3802373 in mainline linux
jsg [Tue, 20 Jun 2023 02:24:41 +0000 (02:24 +0000)]
drm/i915: Use 18 fast wake AUX sync len
From Jouni Hogander
5f285409c91bb97d78b05477d57a921ba1156465 in linux-6.1.y/6.1.34
2d6f2f79e06571d41eb1223abebe9097511c9544 in mainline linux
jsg [Tue, 20 Jun 2023 02:22:17 +0000 (02:22 +0000)]
drm/i915: Explain the magic numbers for AUX SYNC/precharge length
From Ville Syrjala
7bf7bebdc20df3d53a6c7af583d704e811fed85d in linux-6.1.y/6.1.34
26bfc3f36f2104c174dfc72415547d5c28ef3f1c in mainline linux
djm [Tue, 20 Jun 2023 00:05:09 +0000 (00:05 +0000)]
reset comment=NULL for each key in do_fingerprint(); fixes "no comment"
not showing on when running `ssh-keygen -l` on multiple keys where one
has a comment and other following keys do not. Patch from Markus Kuhn
via GHPR407, bz3580
krw [Mon, 19 Jun 2023 23:11:57 +0000 (23:11 +0000)]
"%-Ns\n" is more appropriately "%s\n" to avoid adding extraneous
blanks to the end of the line.
Unexpected line wrapping noticed by kettenis@, cause spotted by deraadt@
Nuke an unused variable in passing.
krw [Mon, 19 Jun 2023 23:11:19 +0000 (23:11 +0000)]
"%-Ns\n" is more appropriately "%s\n" to avoid adding extraneous
blanks to the end of the line.
Unexpected line wrapping noticed by kettenis@, cause spotted by deraadt@
Nuke an unused variable in passing.
tb [Mon, 19 Jun 2023 18:52:29 +0000 (18:52 +0000)]
Make enginetest work with disabled engine support
tb [Mon, 19 Jun 2023 18:51:47 +0000 (18:51 +0000)]
Fix GOST test with disabled engine
tb [Mon, 19 Jun 2023 18:32:05 +0000 (18:32 +0000)]
Properly guard ENGINE usage with !OPENSSL_NO_ENGINE
claudio [Mon, 19 Jun 2023 17:22:46 +0000 (17:22 +0000)]
Drop test for msgbuf_drain() since that function is no longer part of the
public API.
claudio [Mon, 19 Jun 2023 17:21:46 +0000 (17:21 +0000)]
sync
claudio [Mon, 19 Jun 2023 17:19:50 +0000 (17:19 +0000)]
Improve the ibuf API by adding these functions:
Functions extending ibuf_add to work with more specific data types
ibuf_add_buf, ibuf_add_zero, ibuf_add_n8, ibuf_add_n16, ibuf_add_n32,
ibuf_add_n64
Functions replacing ibuf_seek where data at a specific offset is modified
ibuf_set, ibuf_set_n8, ibuf_set_n16, ibuf_set_n32, ibuf_set_n64
Functions to check, get and set the filedescriptor stored on the ibuf
ibuf_fd_avail, ibuf_fd_get, ibuf_fd_set
and ibuf_data() to access the data buffer, to be used together with ibuf_size()
On top of this add an optimized imsg_compose_ibuf() where an ibuf is wrapped
into an imsg in an efficent way.
Finally remove msgbuf_drain since it is not used by anything outside of
the ibuf code. Because of this removal bump the major of libutil.
Remove ibuf_data() in iked since the same function is now provided by libutil.
OK tb@
krw [Mon, 19 Jun 2023 13:45:19 +0000 (13:45 +0000)]
Replace eclectic mix of errx(4, "out of memory"), err(4, NULL)
and err(1, NULL) with consistent err(1, NULL) when responding to
out of memory conditions.
kettenis [Mon, 19 Jun 2023 13:37:22 +0000 (13:37 +0000)]
Fix RK3588 support. Makes dwmmc(4) actually work.
ok patrick@
deraadt [Mon, 19 Jun 2023 13:05:25 +0000 (13:05 +0000)]
The group "operator" gatekeeps a few superuser abilities (dumping disks,
manipulating tape drives -> means gid operator on device nodes). This group
is also used with group-access bit on the setuid-root shutdown command
(mode ug+x,u+s). Some people use this to shutdown/reboot their machines, but
use of that group is giving them disk read access also, which is wrong.
It would be a pain to re-gid all the device nodes, so instead let's renumber
the operator execution gid into group "_shutdown".
Users using this shutdown/reboot functionality will notice it no longer works,
and move themselves to the correct group.
Various choices discussed at large, this seems our best choice.
ok sthen
kettenis [Mon, 19 Jun 2023 09:54:15 +0000 (09:54 +0000)]
Add another reset for the PCIe controller on the RK3588.
ok dlg@
tb [Mon, 19 Jun 2023 09:12:41 +0000 (09:12 +0000)]
Dedoxigenize ecdsa.h
These functions are properly documented and upcoming surgery in here is
going to be tricky enough without having to navigate around this noise.
No code change.
jsg [Mon, 19 Jun 2023 00:50:42 +0000 (00:50 +0000)]
drm/amd/display: Have Payload Properly Created After Resume
From Fangzhi Zuo
4042d7ad40f1c3182225461c62926f217a3d0ede in linux-6.1.y/6.1.33
482e6ad9adde69d9da08864b4ccf4dfd53edb2f0 in mainline linux
jsg [Mon, 19 Jun 2023 00:49:02 +0000 (00:49 +0000)]
drm/amd/pm: reverse mclk and fclk clocks levels for renoir
From Tim Huang
8db2ea7b80d6539c2c3d4e2ca96ca1bc56b982d9 in linux-6.1.y/6.1.33
55e02c14f9b5fd973ba32a16a715baa42617f9c6 in mainline linux
jsg [Mon, 19 Jun 2023 00:47:31 +0000 (00:47 +0000)]
drm/amd/pm: reverse mclk and fclk clocks levels for yellow carp
From Tim Huang
f05f3fcc782445b707b998859d9a03410ecbdb73 in linux-6.1.y/6.1.33
f1373a97a41f429e0095d4be388092ffa3c1a157 in mainline linux
jsg [Mon, 19 Jun 2023 00:45:41 +0000 (00:45 +0000)]
drm/amd/pm: reverse mclk clocks levels for SMU v13.0.5
From Tim Huang
1c729bd5b30fe8178c53aeebf6503ea38966f769 in linux-6.1.y/6.1.33
c1d35412b3e826ae8119e3fb5f51dd0fa5b6b567 in mainline linux
jsg [Mon, 19 Jun 2023 00:44:09 +0000 (00:44 +0000)]
drm/amd/pm: resolve reboot exception for si oland
From Guchun Chen
0f8f233ed76754b0c9262eb2e82f8529da0bef16 in linux-6.1.y/6.1.33
e490d60a2f76bff636c68ce4fe34c1b6c34bbd86 in mainline linux
jsg [Mon, 19 Jun 2023 00:41:10 +0000 (00:41 +0000)]
drm/amd/pm: reverse mclk and fclk clocks levels for vangogh
From Tim Huang
e0a0f5d2ba593bbf155a41890f675390fd312e2c in linux-6.1.y/6.1.33
bfc03568d9d81332382c73a1985a90c4506bd36c in mainline linux
jsg [Mon, 19 Jun 2023 00:39:44 +0000 (00:39 +0000)]
drm/amd/pm: reverse mclk and fclk clocks levels for SMU v13.0.4
From Tim Huang
00abb872ef0f82dde131b9bd12096100bb24d9ba in linux-6.1.y/6.1.33
6a07826f2057b5fa1c479ba56460195882464270 in mainline linux
jsg [Mon, 19 Jun 2023 00:38:02 +0000 (00:38 +0000)]
drm/amdgpu: enable tmz by default for GC 11.0.1
From Ikshwaku Chauhan
2f91f92bd870684173e1fa27927ae8ba99fe463c in linux-6.1.y/6.1.33
663b930e24842f3d3bb79418bb5cd8d01b40c559 in mainline linux
jsg [Mon, 19 Jun 2023 00:36:06 +0000 (00:36 +0000)]
drm/amdgpu: skip disabling fence driver src_irqs when device is unplugged
From Guchun Chen
68ce1d57e52c6f88ffffb0d81b10650eafc8e540 in linux-6.1.y/6.1.33
c1a322a7a4a96cd0a3dde32ce37af437a78bf8cd in mainline linux
jsg [Mon, 19 Jun 2023 00:34:28 +0000 (00:34 +0000)]
drm/amdgpu: set gfx9 onwards APU atomics support to be true
From Yifan Zhang
3e336ad6f517d1078b1e6e874e1578827088f269 in linux-6.1.y/6.1.33
af7828fbceed4f9e503034111066a0adef3db383 in mainline linux
jsg [Mon, 19 Jun 2023 00:32:04 +0000 (00:32 +0000)]
drm/amdgpu: Use the default reset when loading or reloading the driver
From lyndonli
88a042d599c3f253ea8a9aa1906833c144525af4 in linux-6.1.y/6.1.33
4eea7fb980dc44545a32eec92e2662053b34cd9d in mainline linux
jsg [Mon, 19 Jun 2023 00:30:06 +0000 (00:30 +0000)]
drm/amdgpu: release gpu full access after "amdgpu_device_ip_late_init"
From Chong Li
787e74b21394f126bbce355839dcce9b0ad256d2 in linux-6.1.y/6.1.33
38eecbe086a4e52f54b2bbda8feba65d44addbef in mainline linux
cheloha [Sun, 18 Jun 2023 23:19:01 +0000 (23:19 +0000)]
clockintr_cpu_init: initialize starting offsets with clockintr_stagger()
cheloha [Sun, 18 Jun 2023 23:09:35 +0000 (23:09 +0000)]
clockintr: add clockintr_stagger()
clockintr_stagger() formalizes the "staggered start" pattern for
scheduling a common periodic clock interrupt across multiple CPUs.
Right now we implement a staggered start by hand for hardclock(),
statclock(), and schedclock(). I expect we will do it for
profclock(), too.
krw [Sun, 18 Jun 2023 20:41:52 +0000 (20:41 +0000)]
Add and use CHUNKSZ() to replace 'chunk->stop - chunk->start'
occurrances.
Shorter lines, more obvious intent.
tb [Sun, 18 Jun 2023 19:12:58 +0000 (19:12 +0000)]
Turns out EC_KEY_METHOD_new() has dup built in...
... because RSA_meth_new() doesn't. So we can fortunately lose a few lines
added in the previous commit. Three cheers for the masters of inconsistency.
ok jsing
op [Sun, 18 Jun 2023 19:08:52 +0000 (19:08 +0000)]
remove ca_verify_cb(). was initially used for debugging, then the
logging went away but the no-op callback remained.
noticed by tb@
krw [Sun, 18 Jun 2023 18:58:55 +0000 (18:58 +0000)]
Use UINT64_MAX instead of -1 to set a uint64_t value to
its maximum.
tb [Sun, 18 Jun 2023 17:50:28 +0000 (17:50 +0000)]
tls_signer: reinstate the default EC_KEY methods
Previously, we would set the ECDSA_METHOD on the EC_KEY, which, by way
of lovely indirection in our three crypto/ec* directories ended up having
no effect on the default methods. Now that we set a new EC_KEY_METHOD, we
need to make sure we still have the other handlers that we might need.
Like so many things that were made opaque in the 1.1 re"design", the
accessors were written without actual application code in mind. In
particular, EC_KEY_METHOD lacks a dup(). This means we get to fetch the
default methods with getters and then set them again on the new method.
This is particularly awesome because once someone adds a new method to
the opaque struct, all applications will have to adapt and do a get/set
dance.
So far this is very reminiscent of PostgreSQL with BIO_meth_*
https://github.com/postgres/postgres/blob/
a14e75eb0b6a73821e0d66c0d407372ec8376105/src/interfaces/libpq/fe-secure-openssl.c#L1921-L1928
Only it's worse here because someone wanted to be smart and save a few
public functions, so we have to use getters that get several functions
at once. Which in turn means we need to have function pointers with the
precise signatures which are part of the struct that was made opaque.
We will add a EC_KEY_METHOD_dup() in the next bump, but for now this is
the best fix we can have.
Whenever you think you've seen the worst turds in this code base, you find
another one that could serve as an exemplar.
ok jsing op
op [Sun, 18 Jun 2023 17:28:42 +0000 (17:28 +0000)]
sync imsg_to_str() with the list of imsg types in smtpd.h
ok millert@
tb [Sun, 18 Jun 2023 17:24:09 +0000 (17:24 +0000)]
Switch tls_ecdsa_do_sign() to EC_KEY_get_ex_data()
Since libtls now sets the ex_data with EC_KEY_set_ex_data(), the do_sign()
callback needs to have a matching change.
ok jsing op
kettenis [Sun, 18 Jun 2023 16:25:21 +0000 (16:25 +0000)]
Remove spurious comment.
ok patrick@
deraadt [Sun, 18 Jun 2023 15:17:38 +0000 (15:17 +0000)]
accept 'a' as shortcut for 'autoconf'; ok op afresh1 kn
aoyama [Sun, 18 Jun 2023 13:13:00 +0000 (13:13 +0000)]
Add fchmod() entry in luna88k bootloader.
Now 'chmod a-x /bsd.upgrade' works in order to prevent re-upgrade, like other architectures.
Tested by me on LUNA-88K2.
aoyama [Sun, 18 Jun 2023 12:58:03 +0000 (12:58 +0000)]
Fix SCSI CMD_WRITE_EXT command length to 10 bytes.
This is needed to work libsa's ufs_fchmod() on luna88k.
Tested by me on LUNA-88K2.
op [Sun, 18 Jun 2023 11:45:11 +0000 (11:45 +0000)]
relax absolute path requirement for configtest (-n)
ok dv@
op [Sun, 18 Jun 2023 11:43:49 +0000 (11:43 +0000)]
smtpd: switch ECDSA_METHOD usage to EC_KEY_METHOD
smtpd and the bits it needs in libtls are the only consumer left of
ECDSA_METHOD, which is long deprecated. This paves the way for the
removal in libcrypto.
The diff is from gilles' work on OpenSMTPD-portable, with minor changes
by me.
ok tb@, jsing@
op [Sun, 18 Jun 2023 11:43:03 +0000 (11:43 +0000)]
libtls: switch ECDSA_METHOD usage to EC_KEY_METHOD
smtpd and the bits it needs in libtls are the only consumer left of
ECDSA_METHOD, which is long deprecated. This paves the way for the
removal in libcrypto.
The diff is from gilles' work on OpenSMTPD-portable, libretls had a
similar diff.
ok tb@, jsing@
tobhe [Sat, 17 Jun 2023 22:33:34 +0000 (22:33 +0000)]
Fix leak of key.id_buf in pubkey auth case.
from markus
kettenis [Sat, 17 Jun 2023 22:10:19 +0000 (22:10 +0000)]
Flush the ITS after we disestablish an MSI. Fixes an issue seen on Ampere
eMAG with an AMD GPU with an HD audio function where azalia(4) doesn't
fully attach.
ok patrick@
espie [Sat, 17 Jun 2023 19:35:54 +0000 (19:35 +0000)]
document new buttons (STATS_BACKLOG and STATS_USED)
jsing [Sat, 17 Jun 2023 15:40:46 +0000 (15:40 +0000)]
Optimise bn_mul2_mulw_addtw() for aarch64.
This provides significant performance gains for bn_sqr_comba4() and
bn_sqr_comba8().
jmc [Sat, 17 Jun 2023 15:35:08 +0000 (15:35 +0000)]
"d" is the key character for DVI files, not "r";
from lennart jablonka
ok millert
jsing [Sat, 17 Jun 2023 14:43:50 +0000 (14:43 +0000)]
Speed up Montgomery multiplication.
Factor out and optimise the inner loop for Montgomery multiplication,
making use of bn_qwmulw_addqw_addw() to perform Montgomery multiplication
by one word in larger steps. This provides a significant performance gain,
especially on platforms where bn_qwmulw_addqw_addw() is (or can be)
optimised.
ok tb@
op [Sat, 17 Jun 2023 08:32:48 +0000 (08:32 +0000)]
bump version to 7.3.0