deraadt [Sun, 11 Feb 2018 04:09:19 +0000 (04:09 +0000)]
Add MAP_STACK flag. Currently masked by mmap()
schwarze [Sun, 11 Feb 2018 03:33:21 +0000 (03:33 +0000)]
Merge documentation from OpenSSL for seven functions
that jsing@ recently exposed publicly in libcrypto.
Requested by jsing@.
benno [Sun, 11 Feb 2018 02:27:33 +0000 (02:27 +0000)]
Use the new route filter ROUTE_PRIOFILTER in ospfd. Usually we only
need to see routes with a higher priority (lower value) than ospfds
own routes.
ok claudio, ok henning previous version, feedback from sthen
benno [Sun, 11 Feb 2018 02:26:55 +0000 (02:26 +0000)]
Add a ROUTE_PRIOFILTER socket option for roueing sockets that
allows filtering on the priority of the route. All routes up to
the specified value will be passed.
ok claudio, ok henning previous version, feedback and manpage from
sthen.
henning [Sun, 11 Feb 2018 02:17:46 +0000 (02:17 +0000)]
if an interface is added to the bridge that doesn't exist, try to create it
triggered by djm's dhclient on vether on bridge setup
ok djm benno claudio
tb [Sun, 11 Feb 2018 01:23:40 +0000 (01:23 +0000)]
sysctl.h is no longer needed
ok tedu
dlg [Sun, 11 Feb 2018 00:27:10 +0000 (00:27 +0000)]
list M_IPV6_DF_OUT
dlg [Sun, 11 Feb 2018 00:24:13 +0000 (00:24 +0000)]
add an ipv6 "don't fragment" flag to mbufs for ip6_output to use.
if you need to send an ipv6 packet with ip6_send(), there's no DF
bit in an ipv6 packet and no way to pass the ip6 options to ip6_output
to tell it to not allow fragmentation. this adds an M_IPV6_DF_OUT
"checksum" flag so something creating ipv6 packets a long way from
ip6_output can easily tell it to not allow fragmentation.
grumbling and ok claudio@
krw [Sat, 10 Feb 2018 23:25:15 +0000 (23:25 +0000)]
Fix 'ignore ;' so that it really does reset the ignore list.
Mkae 'ignore', 'request' and 'require' cumulative so all
options don't have to be jammed into one line.
deraadt [Sat, 10 Feb 2018 22:59:02 +0000 (22:59 +0000)]
Shift top-of-stack down so that the random==0 case doesn't leave stack
pointer beyond the space.
ok stefan, tedu
kettenis [Sat, 10 Feb 2018 22:32:32 +0000 (22:32 +0000)]
Enable axppmic(4).
kettenis [Sat, 10 Feb 2018 22:32:01 +0000 (22:32 +0000)]
Add AXP803 support.
kettenis [Sat, 10 Feb 2018 22:31:34 +0000 (22:31 +0000)]
More Allwinner A64 clocks.
cheloha [Sat, 10 Feb 2018 19:49:50 +0000 (19:49 +0000)]
Cap wait/interval at 100 million seconds.
Keeps nanosleep(2) from choking.
While here, call the argument to the -w flag "wait" in the
error message to match up with documentation and usage().
ok tedu@ deraadt@ tb@
anton [Sat, 10 Feb 2018 17:51:37 +0000 (17:51 +0000)]
Pledge monitoring process; ok tedu@
mpi [Sat, 10 Feb 2018 12:59:24 +0000 (12:59 +0000)]
Merge license blocks now that they are identical.
mpi [Sat, 10 Feb 2018 12:53:22 +0000 (12:53 +0000)]
Artur Grabowski agreed to relicense his C mutex implementation under ISC.
This will prevent a copyright-o-rama in kern_lock.c
mpi [Sat, 10 Feb 2018 12:44:20 +0000 (12:44 +0000)]
Convert armv7 to MI mutex.
Tested by jsg@, ok patrick@
jmc [Sat, 10 Feb 2018 11:19:09 +0000 (11:19 +0000)]
less macro; ok benno
espie [Sat, 10 Feb 2018 10:35:09 +0000 (10:35 +0000)]
implement the use of new ftp -S session=... for https
- add a setup_session hook that creates an anonymous tempfile in the ::HTTPS
class
- parse tls connection resumed messages and tell on servers that do not
support this
- remove the CLOEXE flag on the fd just before running ftp, so that other
processes do not see it at all.
This makes https somewhat more bearable, though still slower than http... :(
thanks to jsing@ et al for the design of session
mpi [Sat, 10 Feb 2018 10:32:51 +0000 (10:32 +0000)]
Move cleanup job control bits to their own function.
Part of the larger 'proctreelk' diff from guenther@
No functional change, ok benno@, tedu@
mpi [Sat, 10 Feb 2018 10:25:44 +0000 (10:25 +0000)]
Revert previous & incorrect NULL dereference fix.
This unbreak backtrace across interrupt frames.
espie [Sat, 10 Feb 2018 10:08:05 +0000 (10:08 +0000)]
rewrite file around fh_file, temp file creation with signal protection,
to be used to get anon temp files for https
dlg [Sat, 10 Feb 2018 10:00:32 +0000 (10:00 +0000)]
print etherip on ipv6.
patrick [Sat, 10 Feb 2018 09:53:47 +0000 (09:53 +0000)]
Replace two spaces indents with tabs. Makes it easier to read and
especially makes it easier to diff against our other linker scripts.
ok jsg@
jsg [Sat, 10 Feb 2018 09:46:58 +0000 (09:46 +0000)]
Additional AMD CPUID bits documented in
"Processor Programming Reference (PPR) for AMD Family 17h
Model 01h, Revision B1 Processors"
ok mlarkin@ deraadt@
claudio [Sat, 10 Feb 2018 09:32:54 +0000 (09:32 +0000)]
There is a problem with assigning 127.0.0.1 here. Revert the call
to in_up_loopback(). There is an issue when doing ifconfig lo0 127.0.0.1/8
the system ends up with 2 127.0.0.1 routes which breaks things like smptd.
Found by tb@
djm [Sat, 10 Feb 2018 09:25:34 +0000 (09:25 +0000)]
constify some private key-related functions; based on
https://github.com/openssh/openssh-portable/pull/56 by Vincent Brillault
mpi [Sat, 10 Feb 2018 09:21:12 +0000 (09:21 +0000)]
Remove now unused assembly mutex code.
ok mlarkin@, deraadt@
mpi [Sat, 10 Feb 2018 09:17:56 +0000 (09:17 +0000)]
If the kernel fails to clone an entry, report rtrequest(9) error.
ok claudio@, jmatthew@
djm [Sat, 10 Feb 2018 09:03:54 +0000 (09:03 +0000)]
Mention ServerAliveTimeout in context of TCPKeepAlives; prompted by
Christoph Anton Mitterer via github
claudio [Sat, 10 Feb 2018 08:47:37 +0000 (08:47 +0000)]
Kill unneeded caddr_t cast.
claudio [Sat, 10 Feb 2018 08:46:10 +0000 (08:46 +0000)]
Remove some special IPv4 in IPv6 mapped prefixes that are already rejected
by the ::0.0.0.0/96 reject route added to deny all IPv4 mapped addresses.
Makes the inet6 routing table almost fit in one screen.
OK benno@
dlg [Sat, 10 Feb 2018 08:12:01 +0000 (08:12 +0000)]
rework gif to be more consistent.
while here, give us support for mpls in gif on ipv6.
this moves all the gif handling into if_gif, eg, the mpls handling
is no longer in ip_etherip.c.
ok claudio@
jmc [Sat, 10 Feb 2018 07:54:34 +0000 (07:54 +0000)]
zap trailing whitespace;
patrick [Sat, 10 Feb 2018 07:02:21 +0000 (07:02 +0000)]
Supplying entropy from etext has created a regression on arm where we
get an alignment fault while copying the data. Turns out that since we
have .rodata in the text segment, it's very easily possible that etext
remains unaligned. Work around this by word-aligning etext. The next
step is to split .rodata out of the text segment.
ok deraadt@
djm [Sat, 10 Feb 2018 06:54:38 +0000 (06:54 +0000)]
clarify IgnoreUserKnownHosts; based on github PR from
Christoph Anton Mitterer.
patrick [Sat, 10 Feb 2018 06:52:47 +0000 (06:52 +0000)]
Put the ldscript parts into a single file instead of storing it as head
and tail and cat(1) it together. It was maybe needed when ports needed
different contents, but now it's just a headache.
ok deraadt@
djm [Sat, 10 Feb 2018 06:40:28 +0000 (06:40 +0000)]
Shorter, more accurate explanation of NoHostAuthenticationForLocalhost
without the confusing example. Prompted by Christoph Anton Mitterer
via github and bz#2293.
deraadt [Sat, 10 Feb 2018 06:37:12 +0000 (06:37 +0000)]
sync
jsing [Sat, 10 Feb 2018 06:25:16 +0000 (06:25 +0000)]
Add TLS session support to ftp(1).
If a session file is specified via the `-S session=...', ftp(1) will
attempt to resume TLS sessions based on the session data contained within
this file. Upon completion of a successful TLS handshake the session file
will be updated with new session data, if available.
Discussed with deraadt@ and beck@.
Requested by and input from espie@.
djm [Sat, 10 Feb 2018 06:15:12 +0000 (06:15 +0000)]
Disable RemoteCommand and RequestTTY in the ssh session started by
scp. sftp is already doing this. From Camden Narzt via github;
ok dtucker
jsing [Sat, 10 Feb 2018 06:07:43 +0000 (06:07 +0000)]
Be more specific about when the session file will be updated.
claudio [Sat, 10 Feb 2018 06:00:06 +0000 (06:00 +0000)]
mbufs and mbuf clusters are now backed by large pools. Because of this
we can relax the oversubscribe limit of socketbuffers a fair bit.
Instead of maxing out as sb_max * 1.125 or 2 * sb_hiwat the maximum is
increased to 8 * sb_hiwat -- which seems to be a good compromise between
memory waste and better socket buffer usage.
OK deraadt@
florian [Sat, 10 Feb 2018 05:59:06 +0000 (05:59 +0000)]
installer bits for RFC 7217 support
OK rpe, tb, naddy, sthen
florian [Sat, 10 Feb 2018 05:57:59 +0000 (05:57 +0000)]
RFC 7217 support for slaacd
OK naddy, sthen
florian [Sat, 10 Feb 2018 05:56:47 +0000 (05:56 +0000)]
Load RFC 7217 key material and generate if it does not already exist.
Add soii.key to changelist (pointed out by semarie) and mtree/special
(suggest by Craig Skinner).
OK naddy, sthen, rpe, tb
florian [Sat, 10 Feb 2018 05:55:26 +0000 (05:55 +0000)]
ifconfig can be used to to set interface flag to not do RFC 7217.
OK naddy, sthen
man page bits input & OK jmc
claudio [Sat, 10 Feb 2018 05:54:31 +0000 (05:54 +0000)]
Follow rfc8277 more closely and make make sure bgpd is encoding VPNv4
withdraws they way other systems are doing it. Interop problem discovered
by Andrew Thrift. Tested by Andrew and job@.
florian [Sat, 10 Feb 2018 05:53:58 +0000 (05:53 +0000)]
add support for binary sysctl payloads by handling them as hex
strings.
this was part of a demo showing how to implement the kernel side of
sysctl(3) for setting Semantically Opaque Interface Identifier key
material (for RFC 7217), but it seems to be the most straightforward
path toward integrating soiikey handling and rc.
Originally written by dlg, who commited it some time ago on my request.
I then backed it out again, now it's time to put it back in.
ok florian@ sthen@ naddy@ tb@
Man page bits tweaked & OK jmc
florian [Sat, 10 Feb 2018 05:52:08 +0000 (05:52 +0000)]
Implement RFC 7217: "A Method for Generating Semantically Opaque
Interface Identifiers with IPv6 Stateless Address Autoconfiguration."
"An IPv6 address configured using this method is stable within each
subnet, but the corresponding Interface Identifier changes when the
host moves from one network to another. This method is meant to be an
alternative to generating Interface Identifiers based on hardware
addresses."
OK naddy, sthen
djm [Sat, 10 Feb 2018 05:48:46 +0000 (05:48 +0000)]
Refuse to create a certificate with an unusable number of principals;
Prompted by gdestuynder via github
djm [Sat, 10 Feb 2018 05:43:26 +0000 (05:43 +0000)]
fatal if we're unable to write all the public key; previously we
would silently ignore errors writing the comment and terminating
newline. Prompted by github PR from WillerZ; ok dtucker
claudio [Sat, 10 Feb 2018 05:32:21 +0000 (05:32 +0000)]
Similar to the IPv6 case create 127.0.0.1/8 on lo(4) interfaces which act
as loopback interfaces for each rdomain (including lo0). This is done when
the interface is brought up. This is now also done by default (either on
attach of lo0 or when creating the rdomain).
OK mpi@
deraadt [Sat, 10 Feb 2018 05:24:23 +0000 (05:24 +0000)]
Syncronize filesystems to disk when suspending. Each mountpoint's vnodes
are pushed to disk. Dangling vnodes (unlinked files still in use) and
vnodes undergoing change by long-running syscalls are identified -- and
such filesystems are marked dirty on-disk while we are suspended (in case
power is lost, a fsck will be required). Filesystems without dangling or
busy vnodes are marked clean, resulting in faster boots following
"battery died" circumstances.
Tested by numerous developers, thanks for the feedback.
jmatthew [Sat, 10 Feb 2018 05:21:13 +0000 (05:21 +0000)]
fix build with SDHC_DEBUG defined, no binary change otherwise
jmatthew [Sat, 10 Feb 2018 05:11:06 +0000 (05:11 +0000)]
Add a mapping from grandparent driver name to hibernate io function to reduce
the number of ->dv_parent->dv_parent chains and make this more readable.
ok deraadt@ phessler@
jsing [Sat, 10 Feb 2018 04:58:08 +0000 (04:58 +0000)]
Bump TLS API version since we've added more functionality.
jsing [Sat, 10 Feb 2018 04:57:35 +0000 (04:57 +0000)]
Move the keypair pubkey hash handling code to during config.
The keypair pubkey hash was being generated and set in the keypair when the
TLS context was being configured. This code should not be messing around
with the keypair contents, since it is part of the config (and not the
context).
Instead, generate the pubkey hash and store it in the keypair when the
certificate is configured. This means that we are guaranteed to have the
pubkey hash and as a side benefit, we identify bad certificate content
when it is provided, instead of during the context configuration.
ok beck@
jsing [Sat, 10 Feb 2018 04:48:44 +0000 (04:48 +0000)]
Tidy/standardise some code.
jsing [Sat, 10 Feb 2018 04:48:17 +0000 (04:48 +0000)]
Remove NULL check from tls_conninfo_cert_pem() - all of the other conninfo
functions require the conninfo passed in to be non-NULL.
jsing [Sat, 10 Feb 2018 04:43:16 +0000 (04:43 +0000)]
Document functions for client-side TLS session support.
jsing [Sat, 10 Feb 2018 04:41:24 +0000 (04:41 +0000)]
Add support to libtls for client-side TLS session resumption.
A libtls client can specify a session file descriptor (a regular file
with appropriate ownership and permissions) and libtls will manage reading
and writing of session data across TLS handshakes.
Discussed at length with deraadt@ and tedu@.
Rides previous minor bump.
ok beck@
jsing [Sat, 10 Feb 2018 04:34:25 +0000 (04:34 +0000)]
Bump lib{crypto,ssl,tls} minors due to symbol addition.
jsing [Sat, 10 Feb 2018 04:33:47 +0000 (04:33 +0000)]
Expose X509_VERIFY_PARAM_* functions that appeared in the OpenSSL 1.0.2
API and are now in use by various libraries and applications.
benno [Sat, 10 Feb 2018 04:23:48 +0000 (04:23 +0000)]
claudio noted that this is an else case because we have either a
prefix or a prefix-set.
mortimer [Sat, 10 Feb 2018 02:54:33 +0000 (02:54 +0000)]
Use sched_pause(yield) to decide when to yield when filling randomdata.
ok deraadt@
benno [Sat, 10 Feb 2018 01:24:28 +0000 (01:24 +0000)]
Add prefix-sets, lists of prefixes which can be used in place of a
prefix in a filter rule. Initial idea hashed out with job@ in Toronto.
This is WIP, i'm commiting it now so we can work on it in the tree.
ok florian@ claudio@
tb [Sat, 10 Feb 2018 00:00:47 +0000 (00:00 +0000)]
Use return instead of exit from main.
krw [Fri, 9 Feb 2018 23:23:02 +0000 (23:23 +0000)]
If there is no link after link_timeout seconds don't forget
to go_daemon() while waiting for the RTM_IFINFO message.
Problem spotted by Holger Mikolon.
cheloha [Fri, 9 Feb 2018 23:12:13 +0000 (23:12 +0000)]
Schedule alarm for start of minute if departure time is absolute.
e.g., "leave 1530" goes off closer to 15:30:00.
Timezone-related bug caught by tb@ in review.
ok tb@ tedu@
jca [Fri, 9 Feb 2018 22:52:54 +0000 (22:52 +0000)]
Style tweaks
ok remi@ benno@
mortimer [Fri, 9 Feb 2018 22:13:04 +0000 (22:13 +0000)]
Use a static chacha instance to fill randomdata sections. Avoids looping
over a syscall for randomdata sections larger than 256B.
ok djm@ deraadt@ kettenis@
mpi [Fri, 9 Feb 2018 20:13:28 +0000 (20:13 +0000)]
Improve documentation of protected domains.
Required by and ok otto@, ok jmc@
dlg [Fri, 9 Feb 2018 10:12:38 +0000 (10:12 +0000)]
use in_addr and in6_addr instead of uint32_ts
dlg [Fri, 9 Feb 2018 09:35:03 +0000 (09:35 +0000)]
oh carp - i didnt mean to commit these
dlg [Fri, 9 Feb 2018 09:30:37 +0000 (09:30 +0000)]
use struct in_addr to represent an address.
eric [Fri, 9 Feb 2018 09:29:03 +0000 (09:29 +0000)]
isolate calls to the rfc2822 parser and handling of "." in smtp_dataline()
ok gilles@
dlg [Fri, 9 Feb 2018 09:22:46 +0000 (09:22 +0000)]
add support for setting the ttl on the tunnel traffic.
mpi [Fri, 9 Feb 2018 07:32:35 +0000 (07:32 +0000)]
Call socreate() before falloc() in sys_socket().
This is similar to what we do in sys_socketpair() and will allow us
to grab the KERNEL_LOCK() only after having created a socket.
ok tedu@
jmc [Fri, 9 Feb 2018 07:14:17 +0000 (07:14 +0000)]
a little more adjustment, after discussing with henning;
dlg [Fri, 9 Feb 2018 04:08:26 +0000 (04:08 +0000)]
use ether_tryprint, which looks inside the ether packet.
ether_print just prints the ether header.
dlg [Fri, 9 Feb 2018 04:05:58 +0000 (04:05 +0000)]
rework etherip to make it more consistent and reduce code duplication.
ok claudio@
tb [Fri, 9 Feb 2018 03:59:15 +0000 (03:59 +0000)]
Check for the existence of /bsd before trying to back it up to /obsd.
Fixes 'make install' when /bsd is not present for some reason.
ok rob florian, "fine with me" deraadt
claudio [Fri, 9 Feb 2018 03:53:37 +0000 (03:53 +0000)]
Clear the dr and bdr fields of a neighbor when it goes down.
Same is done in ospfd for quite a while.
dtucker [Fri, 9 Feb 2018 03:42:57 +0000 (03:42 +0000)]
Skip sftp-chroot test when SUDO not set instead of fatal().
dtucker [Fri, 9 Feb 2018 03:40:22 +0000 (03:40 +0000)]
Replace fatal with exit in the case that we do not have $SUDO set.
Prevents test failures when neither sudo nor doas are configured.
deraadt [Fri, 9 Feb 2018 03:01:24 +0000 (03:01 +0000)]
Situation occur where bootloader cannot supply kernel with early
random data. But a new source of entropy arrived a few months ago
-- KARL generates highly disturbed images for some kernels (well,
not for bsd.rd)
This assumes the tail of text (just before etext[]) is readable.
We are trying to use a portable symbol name, and also avoid reading
a locore0 which has been unmapped...
ok mortimer
dtucker [Fri, 9 Feb 2018 02:37:36 +0000 (02:37 +0000)]
Remove unused sKerberosTgtPassing from enum. From calestyo via github
pull req #11, ok djm@
patrick [Fri, 9 Feb 2018 02:26:33 +0000 (02:26 +0000)]
Extend the mbuf queue API with an accessor that checks whether
or not the mbuf queue is full.
ok dlg@
patrick [Fri, 9 Feb 2018 02:21:16 +0000 (02:21 +0000)]
Implement the bwfm(4) SDIO bus logic. This is the bus layer that
converts the logic of the upper layers (sending control messages,
sending data messages, receiving event or data messages) into the
corresponding work that has to be done on the lowest layer. SDIO
is not the fastest bus for exchanging network packets, but maybe
there is room for tuning. Actual TX/RX is being done in a worker
task that serializes access to the hardware. This is good enough
to attach to WiFi networks and do network transfers. Developed
and tested on a Cubox-i.
claudio [Fri, 9 Feb 2018 02:14:03 +0000 (02:14 +0000)]
Simplify logic a bit by moving a block. nbr_stop_itimer() does not use
the dr or bdr fields so clear them first.
jmatthew [Fri, 9 Feb 2018 00:08:17 +0000 (00:08 +0000)]
timeout_add -> timeout_add_sec
ok patrick@
dlg [Fri, 9 Feb 2018 00:06:51 +0000 (00:06 +0000)]
it turns out the wccp header is optional
peek inside the payload to see if the first nibble looks like ipv4.
if it isnt ipv4 assume it is the wccp header.
dlg [Fri, 9 Feb 2018 00:03:13 +0000 (00:03 +0000)]
bring back the wccp shizz.
dlg [Thu, 8 Feb 2018 23:53:20 +0000 (23:53 +0000)]
implement support for tunnelttl copy.
if the ttl is set to copy, gre will copy the ttl in and out of the
encapsulated packet. it's probably a good idea to set this the same
on both ends of a tunnel.
egre doesn't support tunnelttl copy.
dlg [Thu, 8 Feb 2018 22:56:28 +0000 (22:56 +0000)]
have a go at decoding cisco wccp gre packets, and let them fall into IP.
tb [Thu, 8 Feb 2018 22:49:53 +0000 (22:49 +0000)]
sync
claudio [Thu, 8 Feb 2018 22:24:41 +0000 (22:24 +0000)]
Make the routing socket more MP save by using a SRPL list for the pcb list.
Still needs the big kernel lock but this is another step in the right direction.
With and OK mpi@
dlg [Thu, 8 Feb 2018 22:11:06 +0000 (22:11 +0000)]
ttl 0 is not valid on the wire, so dont accept it.