jmc [Tue, 31 May 2022 20:12:24 +0000 (20:12 +0000)]
fix spacing;
tb [Tue, 31 May 2022 19:37:02 +0000 (19:37 +0000)]
Fix typo: argv[1] -> argv[i]
tb [Tue, 31 May 2022 19:14:15 +0000 (19:14 +0000)]
Remove old checklists and add a couple of new ones.
mbuhl [Tue, 31 May 2022 19:01:46 +0000 (19:01 +0000)]
The pflow regression test could fail due to a race where the close(2)
call of the receiver was called before the FIN on the sender was
processed.
OK bluhm@
OK anton@
tb [Tue, 31 May 2022 18:51:35 +0000 (18:51 +0000)]
I made non-trivial contributions to these files.
tb [Tue, 31 May 2022 18:45:14 +0000 (18:45 +0000)]
Shuffle two helper functions down.
This way the helper functions appear in the order they are used in
rsc_parse_econtent().
tb [Tue, 31 May 2022 18:42:26 +0000 (18:42 +0000)]
Update reference to RSC draft 08
ok claudio job
tb [Tue, 31 May 2022 18:41:43 +0000 (18:41 +0000)]
Remove now unused ASN1_frame() and cms_econtent_version()
ok claudio job
tb [Tue, 31 May 2022 18:40:15 +0000 (18:40 +0000)]
Rewrite rsc.c using ASN.1 templates
This implements the constrained versions of the RFC 3779 structures
since OpenSSL's 3779 API doesn't expose IPAddrBlocks. This way we can
also avoid extra checks after walking the structs. Use the previously
exposed sbgp_as_{id,range}() and sbgp_addr{,_range}() to remove a lot
of copy-pasted code.
While parsing ConstrainedASIdentifiers allocate only once and for
ConstrainedIPAddrBlocks allocate once per address family instead of
doing a reallocation for each asid or prefix.
This removes the last explicit use of ASN1_TYPE and ASN1_SEQUENCE_ANY
from rpki-client.
ok claudio job
tb [Tue, 31 May 2022 18:33:16 +0000 (18:33 +0000)]
Prepare rewrite of rsc.c with templated ASN.1
Change signatures of various functions to avoid using struct parse and
expose sbgp_as_{id,range}() and sbgp_addr{,_range}() so they can be used
from rsc.c. This is a mostly mechanical diff.
ok claudio job
schwarze [Tue, 31 May 2022 18:08:02 +0000 (18:08 +0000)]
Trivial patch to put the roff(7) \g (interpolate format of register)
escape sequence into the correct parsing class, ESCAPE_EXPAND.
Expansion of \g is supposed to work exactly like the expansion
of the related escape sequence \n (interpolate register value),
but since we ignore the .af (assign output format) request,
we just interpolate an empty string to replace the \g sequence.
Surprising as it may seem, this actually makes a formatting difference
for deviate input like ".O\gNx" which used to raise bogus "escaped
character not allowed in a name" and "skipping unknown macro" errors
and printed nothing, whereas now it correctly prints "OpenBSD".
nicm [Tue, 31 May 2022 16:13:43 +0000 (16:13 +0000)]
Add a missing space.
naddy [Tue, 31 May 2022 14:05:12 +0000 (14:05 +0000)]
ssh-keygen: implement "verify-required" certificate option
This was already documented when support for user-verified FIDO
keys was added, but the ssh-keygen(1) code was missing.
ok djm@
nicm [Tue, 31 May 2022 10:22:42 +0000 (10:22 +0000)]
Trim menu item text correctly, GitHub issue 3197.
claudio [Tue, 31 May 2022 09:50:26 +0000 (09:50 +0000)]
Introduce a integration test for max-communities
claudio [Tue, 31 May 2022 09:46:54 +0000 (09:46 +0000)]
Extend community unit test to also check community_count()
claudio [Tue, 31 May 2022 09:45:33 +0000 (09:45 +0000)]
Implement a max communities filter match
When max-communities X is set on a filterrule the filter will match when
more than X communities are present in the path. In other words
max-communities 0 means no communities are allowed and max-communities 3
limits it up to 3 communities.
There is max-communities, max-ext-communities and max-large-communities
for each of the 3 community attributes. These three max checks can be used
together.
OK tb@ job@
deraadt [Mon, 30 May 2022 23:31:45 +0000 (23:31 +0000)]
sync
schwarze [Mon, 30 May 2022 22:50:40 +0000 (22:50 +0000)]
Dummy implementation of the roff(7) \V (interpolate environment variable)
escape sequence. This is needed to get \V into the correct parsing
class, ESCAPE_EXPAND.
It is intentional that mandoc(1) output is *not* influenced by environment
variables, so interpolate the name of the variable with some decorating
punctuation rather than interpolating its value.
dv [Mon, 30 May 2022 17:58:20 +0000 (17:58 +0000)]
knf; fix whitespace in structs
kettenis [Mon, 30 May 2022 17:44:10 +0000 (17:44 +0000)]
sfgpio(4)
kettenis [Mon, 30 May 2022 17:39:09 +0000 (17:39 +0000)]
Add sfgpio(4), a driver for the GPIO controller found on the
SiFive FU740 SoC.
ok jca@
dv [Mon, 30 May 2022 16:07:28 +0000 (16:07 +0000)]
grep(1): print full context when using match count
When using the match count flag (-m), grep was not printing the
context after the match if the -A or -C flags were provided.
This changes the logic to continue printing lines after hitting the
match count.
ok op@, millert@
visa [Mon, 30 May 2022 14:06:16 +0000 (14:06 +0000)]
Replace selwakeup() with KNOTE() in pipe event activation.
Recommit the reverted change selectively so that only pipes are
affected. Leave sockets untouched for now.
nicm [Mon, 30 May 2022 13:07:46 +0000 (13:07 +0000)]
Remove duplicates from completion list, GitHub issue 3178.
nicm [Mon, 30 May 2022 13:07:06 +0000 (13:07 +0000)]
Add pane_start_path to match start_command.
nicm [Mon, 30 May 2022 13:06:41 +0000 (13:06 +0000)]
Set PWD so shells have a hint about the real path (this was done before
but lost in a merge). GitHub issue 3186.
nicm [Mon, 30 May 2022 13:06:10 +0000 (13:06 +0000)]
Fix property name from Sergei Dyshel, and a typo from imcusg at gmail
dot com.
nicm [Mon, 30 May 2022 13:04:24 +0000 (13:04 +0000)]
Check if args_strtonum argument is NULL or not a string, from Anindya
Mukherjee.
nicm [Mon, 30 May 2022 13:03:46 +0000 (13:03 +0000)]
Do not allow pipe-pane on dead panes, from Anindya Mukherjee, GitHub
issue 3174.
nicm [Mon, 30 May 2022 13:02:55 +0000 (13:02 +0000)]
If a mouse position was above the maximum supported by the normal mouse
protocol (223), tmux was allowing it to wrap around. However, since tmux
was not correctly handling this on input, other programs also do not
handle it correctly, and the alternative SGR mouse mode is now
widespread, this seems unnecessary, so remove this feature. Also define
some constants to make it clearer what the numbers mean. Mostly from
Leonid S Usov in GitHub issue 3165.
nicm [Mon, 30 May 2022 13:00:18 +0000 (13:00 +0000)]
Add a way for lines added to copy mode to be passed through the parser
to handle escape sequences and use it for run-shell, GitHub issue 3156.
nicm [Mon, 30 May 2022 12:57:31 +0000 (12:57 +0000)]
iTerm2 has OSC 7, from Gregory Anders.
nicm [Mon, 30 May 2022 12:55:25 +0000 (12:55 +0000)]
Spacing/style nits.
nicm [Mon, 30 May 2022 12:54:09 +0000 (12:54 +0000)]
Emit window-layout-changed on swap-pane, from George Nachman.
nicm [Mon, 30 May 2022 12:52:02 +0000 (12:52 +0000)]
Better error reporting when applying custom layouts.
nicm [Mon, 30 May 2022 12:51:27 +0000 (12:51 +0000)]
Do not send focus sequences when focus is enabled or disabled by the
application if it is turned off. GitHub issue 3142.
nicm [Mon, 30 May 2022 12:48:57 +0000 (12:48 +0000)]
Add an ACL list for users connecting to the tmux socket. Users may be
forbidden from attaching, forced to attach read-only, or allowed to
attach read-write. A new command, server-access, configures the list.
tmux gets the user using getpeereid(3) of the client socket. Users must
still configure file system permissions manually. From Dallas Lyons and
others.
op [Mon, 30 May 2022 10:31:59 +0000 (10:31 +0000)]
move bufsz description after appbufsz as per struct fields order
ok ratchov@
dlg [Mon, 30 May 2022 10:30:33 +0000 (10:30 +0000)]
make a first pass at providing kstats from the hardware counters.
mvneta counters are read to clear, so we accumulate them over time.
they are also mostly 32bit, except for 2 of them, so this handles
all the 32bit counters in a loop and deals with the 64bit ones as
exceptions.
i can see rx drops now, but not the rx rx counters yet. i'll figure
it out.
this is mostly inspired by em(4).
dlg [Mon, 30 May 2022 09:37:46 +0000 (09:37 +0000)]
tell the compiler about the tx/rx desc alignment.
this leads to better (and shorter) code.
ok patrick@
espie [Mon, 30 May 2022 09:30:40 +0000 (09:30 +0000)]
tweak the display a bit: have "hashing/tieing" be progress messages
(they probably won't mean a lot to most users but then they only
appear fleetingly apart from stuff like texlive)
jca [Sun, 29 May 2022 22:03:44 +0000 (22:03 +0000)]
pwr_action isn't used in this file, zap pointless decl.
kettenis [Sun, 29 May 2022 16:19:08 +0000 (16:19 +0000)]
Device tree bindings for this device are official now.
schwarze [Sun, 29 May 2022 12:46:28 +0000 (12:46 +0000)]
More precision regarding a few minor points:
* Say what happens when no pkg-name is given.
* Say "show the names and one-line comments" rather than just "information".
* Say which options cannot be combined with pkg-name arguments.
* Say which options are already the default in some circumstances.
OK espie@
schwarze [Sun, 29 May 2022 10:58:03 +0000 (10:58 +0000)]
document the meaning of the -Q option argument;
OK espie@
espie [Sun, 29 May 2022 10:48:41 +0000 (10:48 +0000)]
final part of caching for always-update: the new annotation doesn't need
any specific handling.
espie [Sat, 28 May 2022 23:20:28 +0000 (23:20 +0000)]
EOF does not result in an error code, as spotted by stsp@
gerhard [Sat, 28 May 2022 18:51:16 +0000 (18:51 +0000)]
Since 'sa' can be freed inside the loop, RB_FOREACH_SAFE is required.
ok tobhe@
mbuhl [Sat, 28 May 2022 18:39:39 +0000 (18:39 +0000)]
*** empty log message ***
jmc [Sat, 28 May 2022 16:07:54 +0000 (16:07 +0000)]
rework the power status changes text;
original diff from jan stary, adjusted according to sthen
espie [Sat, 28 May 2022 07:46:27 +0000 (07:46 +0000)]
have pkg_create generate the hash for always-update
jmc [Sat, 28 May 2022 05:57:56 +0000 (05:57 +0000)]
keywords ref ssh_config.5;
from caspar schutijser
deraadt [Sat, 28 May 2022 03:47:43 +0000 (03:47 +0000)]
oops, wrong value in previous commit
deraadt [Sat, 28 May 2022 03:21:17 +0000 (03:21 +0000)]
64K of locked memory should be enough for anyone (until we hear a good
reason why)
discussed with many, ok millert
deraadt [Sat, 28 May 2022 03:20:33 +0000 (03:20 +0000)]
clear cur_membag so that pcap can be used more than once
deraadt [Sat, 28 May 2022 03:20:14 +0000 (03:20 +0000)]
Do not walk off the end of the array performing frees
crash found by daharmasterkor
kettenis [Fri, 27 May 2022 18:55:30 +0000 (18:55 +0000)]
Convert KVA allocation to km_alloc(9).
ok deraadt@, mpi@
jmc [Fri, 27 May 2022 15:45:02 +0000 (15:45 +0000)]
rework the text on mtu and mss, according to some notes from sthen;
ok sthen
ajacoutot [Fri, 27 May 2022 12:27:39 +0000 (12:27 +0000)]
Normalise markup.
from Raf Czlonka
mpi [Fri, 27 May 2022 11:10:54 +0000 (11:10 +0000)]
Call uvm_vnp_uncache() before VOP_RENAME().
ok kettenis@
djm [Fri, 27 May 2022 05:02:46 +0000 (05:02 +0000)]
split the low-level file handling functions out from auth2-pubkey.c
Put them in a new auth2-pubkeyfile.c to make it easier to refer to them
(e.g. in unit/fuzz tests) without having to refer to everything else
pubkey auth brings in.
ok dtucker@
djm [Fri, 27 May 2022 05:01:25 +0000 (05:01 +0000)]
refactor authorized_keys/principals handling
remove "struct ssh *" from arguments - this was only used to pass the
remote host/address. These can be passed in instead and the resulting
code is less tightly coupled to ssh_api.[ch]
ok dtucker@
dtucker [Fri, 27 May 2022 04:29:40 +0000 (04:29 +0000)]
f sshpkt functions fail, then password is not cleared with freezero.
Unconditionally call freezero to guarantee that password is removed
from RAM.
From tobias@ and c3h2_ctf via github PR#286, ok djm@
dtucker [Fri, 27 May 2022 04:27:49 +0000 (04:27 +0000)]
Avoid kill with -1 argument.
The out_ctx label can be reached before fork has been called. If this
happens, then kill -1 would be called, sending SIGTERM to all processes
reachable by the current process.
From tobias@ and c3h2_ctf via github PR#286, ok djm@
dtucker [Fri, 27 May 2022 04:13:24 +0000 (04:13 +0000)]
Note that ProxyJump also accepts the same tokens as ProxyCommand.
From pallxk via github PR#305.
kettenis [Thu, 26 May 2022 23:32:18 +0000 (23:32 +0000)]
Adjust compatible string to match what has been submitted to mainline Linux.
Keep supporting the old compatible string for a bit longer.
Add frequency sensors that reflect the actual frequencies the CPU clusters
are running at as reported by the hardware.
ok patrick@
espie [Thu, 26 May 2022 21:08:52 +0000 (21:08 +0000)]
I'm a doofus, of course I need to use "write_without_variation" for that
jsg [Thu, 26 May 2022 13:54:38 +0000 (13:54 +0000)]
recognise Cortex-X1C
ajacoutot [Thu, 26 May 2022 11:27:03 +0000 (11:27 +0000)]
Introduce a new daemon_execdir variable for changing to a specified directory
before running rc_rcexec.
Based on an proposal from openbsd.tech at aisha.cc
ok robert@ abieber@
espie [Thu, 26 May 2022 06:53:38 +0000 (06:53 +0000)]
first step in simplifying the always-update case:
tweak @option always-update to allow parsing
@option always-update <hash_value_for_the_whole_plist>
once this is safely in snapshots, we can generate it
directly within PkgCreate.pm, compare it directly in
Signature.pm and get rid of the whole special case
of having to keep the whole plist around
jsg [Thu, 26 May 2022 06:20:59 +0000 (06:20 +0000)]
drm/i915/adl-n: Add stepping info
From Tejas Upadhyay
8d80cceecdd98de6d2281d39d6571a1fe08e5af9 in mainline linux
jsg [Thu, 26 May 2022 06:13:24 +0000 (06:13 +0000)]
drm/i915/rpl-s: Add stepping info
From Anusha Srivatsa
8295524a2d5550b56e800ac779a183b7f4d8c33c in mainline linux
jsg [Thu, 26 May 2022 05:11:51 +0000 (05:11 +0000)]
drm/i915/rpl-s: Enable guc submission by default
From Anusha Srivatsa
c9ee950a2ca55ea0f63d0893f796b2eb089e7900 in mainline linux
jsg [Thu, 26 May 2022 04:57:00 +0000 (04:57 +0000)]
drm/i915/adl-n: Add PCH Support for Alder Lake N
From Tejas Upadhyay
02ed904261481460e6084769416e7ca31bbb92eb in mainline linux
jsg [Thu, 26 May 2022 04:52:50 +0000 (04:52 +0000)]
drm/i915/rpl-s: Add PCH Support for Raptor Lake S
From Anusha Srivatsa
4a75f32fc783128d0c42ef73fa62a20379a66828 in mainline linux
jsg [Thu, 26 May 2022 01:47:30 +0000 (01:47 +0000)]
regen
jsg [Thu, 26 May 2022 01:47:02 +0000 (01:47 +0000)]
add more Intel RPL-S graphics ids
jsg [Thu, 26 May 2022 01:41:16 +0000 (01:41 +0000)]
drm/i915/rpl-p: Add PCI IDs
From Matt Atwood
72c3c8d6e5275b19fd2d32ec787e8135a421c7ec in mainline linux
jsg [Thu, 26 May 2022 01:36:02 +0000 (01:36 +0000)]
drm/i915: Add RPL-S PCI IDs
From Tejas Upadhyay
756b807f6a3e01d238c346925006cdfd6a59e341 in mainline linux
mvs [Wed, 25 May 2022 19:48:46 +0000 (19:48 +0000)]
Call if_put(9) after we finish with `ia' within ip_getmoptions().
if_put(9) call means we finish work with `ifp' and it could be destroyed.
`ia' is the pointer to 'in_ifaddr' data belongs to `ifp', so we need to
release corresponding `ifp' after we finish deal with `ia'.
`if_addrlist' list destruction and ip_getmoptions() are serialized with
kernel and net locks so this is not critical, but looks inconsistent.
ok bluhm@
guenther [Wed, 25 May 2022 17:32:36 +0000 (17:32 +0000)]
Revert the .rodata.cst4 change: results in incorrect value read
tb [Wed, 25 May 2022 17:10:30 +0000 (17:10 +0000)]
Remove an unnecessary XXX comment. The suggested check is part of
extract_min_max().
claudio [Wed, 25 May 2022 16:56:04 +0000 (16:56 +0000)]
Adjust code after adding an extra argument to community_ext_add
claudio [Wed, 25 May 2022 16:21:11 +0000 (16:21 +0000)]
Print ASnumbers in asplain format and stop using the old asdot format.
While there clean up some draft comments with their RFC number.
The detection for 4-byte ASPATH attributes is a bit sloppy but since
all resonable BGP versions use 4-byte ASnumbers now we default to them
unless we know it is a 2-byte encoding.
Kill it with fire. deraadt@ & job@ OK sthen@
claudio [Wed, 25 May 2022 16:03:34 +0000 (16:03 +0000)]
Fix non-transitive extended community handling.
First of all the detection logic was totally wrong. Then filter out
non-transitive extended communities when received from an ebgp peer.
Also cleanup the type handling of ext-communities. Mainly to not have
to handle the transitive vs non-transitive versions the type is masked
with EXT_COMMUNITY_VALUE before doing the switch case for the various
types.
With this my test using ext-communities works.
OK tb@
job [Wed, 25 May 2022 14:26:27 +0000 (14:26 +0000)]
Add RFC 9234 "BGP Role" support
With and OK claudio@
jsg [Wed, 25 May 2022 12:37:23 +0000 (12:37 +0000)]
drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
From Hangyu Hua
deec86168170d085d4f91445c1f72a900ed02372 in linux 5.15.y/5.15.42
6e03b13cc7d9427c2c77feed1549191015615202 in mainline linux
jsg [Wed, 25 May 2022 12:33:48 +0000 (12:33 +0000)]
drm/i915/dmc: Add MMIO range restrictions
From Anusha Srivatsa
aaf0f01d074d6fd39ec1b01477f69cd688bf6c9d in linux 5.15.y/5.15.42
54395a33718af1c04b5098203335b25382291a16 in mainline linux
jsg [Wed, 25 May 2022 12:29:12 +0000 (12:29 +0000)]
drm/amd: Don't reset dGPUs if the system is going to s2idle
From Mario Limonciello
9d3ec4e5bf032f53137e11075846cec9c474ce4b in linux 5.15.y/5.15.42
7123d39dc24dcd21ff23d75f46f926b15269b9da in mainline linux
jsg [Wed, 25 May 2022 12:25:25 +0000 (12:25 +0000)]
Revert "drm/i915/opregion: check port number bounds for SWSCI display power state"
From Greg Thelen
11e6a90ffd6294083b808d34ccc5a5ea18ed603e in linux 5.15.y/5.15.42
jmatthew [Wed, 25 May 2022 09:49:17 +0000 (09:49 +0000)]
As with if_em.c r1.350, and for the same reasons (arm64 systems with non
cache coherent PCIe), map the rx and tx rings coherent.
tested by kevlo@ on rockpro64
ok dlg@
djm [Wed, 25 May 2022 06:03:44 +0000 (06:03 +0000)]
revert previous; it was broken (spotted by Theo)
dlg [Wed, 25 May 2022 03:03:58 +0000 (03:03 +0000)]
marvell,armada-3700-ahci seems to work.
ok kettenis@ patrick@
djm [Wed, 25 May 2022 00:31:13 +0000 (00:31 +0000)]
make SSHBUF_DBG/SSHBUF_TELL (off by default and only enabled via
#define) dump to stderr rather than stdout
guenther [Tue, 24 May 2022 22:36:58 +0000 (22:36 +0000)]
Delete superfluous/duplicated #includes
guenther [Tue, 24 May 2022 22:35:27 +0000 (22:35 +0000)]
Give internal 'botch' labels a '.L' prefix to remove them from the
symbol table
ok kettenis@ miod@
guenther [Tue, 24 May 2022 22:34:02 +0000 (22:34 +0000)]
Address the clang 13 "changed binding to STB_WEAK" warning on arm64:
add _?ENTRY_NB to asm.h, switch libc's asm bits to the generic
DEFS.h, and use ENTRY_NB as necessary.
Also, give sizes to the htonl/htons symbols and mark them as weak.
ok kettenis@ miod@
tb [Tue, 24 May 2022 20:20:19 +0000 (20:20 +0000)]
Clean up ASN1_item_sign_ctx() a little
Instead of inl, outl, and outll, use in_len, out_len, and buf_out_len.
Use the appropriate types for them. Check return values properly, check
for overflow. Remove some unnecessary casts and add some for readability.
Use asn1_abs_set_unused_bits() instead of inlining it.
This removes the last direct consumer of ASN1_STRING_FLAG_BITS_LEFT
outside of asn1/a_bitstr.c. The flag is still mentioned in x509/x509_addr.c
but that will hopefully go away soon.
tweaks/ok jsing
tb [Tue, 24 May 2022 20:06:32 +0000 (20:06 +0000)]
Simplify ec_asn1_group2curve()
Don't try to reuse curve->seed to avoid an allocation. Free it
unconditionally and copy over the group->seed if it's available.
Use asn1_abs_set_unused_bits() instead of inlining it.
ok jsing
projects / openbsd / log