openbsd
2 years agoRevise for changes to tls_key_share_peer_public()
jsing [Tue, 11 Jan 2022 18:29:10 +0000 (18:29 +0000)]
Revise for changes to tls_key_share_peer_public()

2 years agoPlumb decode errors through key share parsing code.
jsing [Tue, 11 Jan 2022 18:28:41 +0000 (18:28 +0000)]
Plumb decode errors through key share parsing code.

Distinguish between decode errors and other errors, so that we can send
a SSL_AD_DECODE_ERROR alert when appropriate.

Fixes a tlsfuzzer failure, due to it expecting a decode error alert and
not receiving one.

Prompted by anton@

ok tb@

2 years agoUse SSL_AD_INTERNAL_ERROR for non-decoding alerts when parsing keyshares.
jsing [Tue, 11 Jan 2022 18:24:03 +0000 (18:24 +0000)]
Use SSL_AD_INTERNAL_ERROR for non-decoding alerts when parsing keyshares.

ok tb@

2 years agoSimplify tlsext_keyshare_server_parse()
jsing [Tue, 11 Jan 2022 18:22:16 +0000 (18:22 +0000)]
Simplify tlsext_keyshare_server_parse()

SSL_AD_DECODE_ERROR is the default alert for a TLS extension parsing
failure - remove the various gotos and simply return 0 instead.

ok tb@

2 years agoBump KVA space up to 512MB (and a bit).
kettenis [Tue, 11 Jan 2022 16:54:58 +0000 (16:54 +0000)]
Bump KVA space up to 512MB (and a bit).

ok phessler@, deraadt@, miod@

2 years agoWrap long lines
inoguchi [Tue, 11 Jan 2022 16:06:48 +0000 (16:06 +0000)]
Wrap long lines

2 years agoCheck function return value
inoguchi [Tue, 11 Jan 2022 15:45:00 +0000 (15:45 +0000)]
Check function return value

2 years agoSuppress warning
inoguchi [Tue, 11 Jan 2022 15:05:58 +0000 (15:05 +0000)]
Suppress warning

2 years agoCompare pointer variable with NULL
inoguchi [Tue, 11 Jan 2022 15:02:34 +0000 (15:02 +0000)]
Compare pointer variable with NULL

2 years agoRemove space between '*' and pointer variable.
inoguchi [Tue, 11 Jan 2022 14:35:14 +0000 (14:35 +0000)]
Remove space between '*' and pointer variable.

2 years agoConvert openssl(1) smime option handling
inoguchi [Tue, 11 Jan 2022 14:23:05 +0000 (14:23 +0000)]
Convert openssl(1) smime option handling

Apply new option handling to openssl(1) smime and no functional changes.

input and ok jsing@

2 years agoChange the way the parser accesses files. It now builds the file path
claudio [Tue, 11 Jan 2022 13:06:07 +0000 (13:06 +0000)]
Change the way the parser accesses files. It now builds the file path
based on information from the repository, a local path and the filename.
This simplifies some code both in the main process and the parser.
For this to work repositories are passed to the parser before any other
entity of this repository is passed. Struct entity is extended to include
the repoid and the path along the file(name).
Input and OK tb@ & job@

2 years agoGarbage collect historical setting of dsa->write_params = 1.
tb [Tue, 11 Jan 2022 12:14:07 +0000 (12:14 +0000)]
Garbage collect historical setting of dsa->write_params = 1.
This is always 1 with modern libs and write_params will soon go away.

2 years agoadd Synopsys Degisnware UART (dw-apb-uart) support
uaa [Tue, 11 Jan 2022 11:51:14 +0000 (11:51 +0000)]
add Synopsys Degisnware UART (dw-apb-uart) support

To fix Allwinner H6's UART problem, need to add dw-apb-uart special code.
ok kettenis@

2 years agoRemove KASSERT(0) and default switch case. No other sc_ncm_format
claudio [Tue, 11 Jan 2022 10:34:13 +0000 (10:34 +0000)]
Remove KASSERT(0) and default switch case. No other sc_ncm_format
switch has a default case and umb_ncm_setup_format() ensures that
only 16 and 32bit formats are accepted. Fixes build error without
DIAGNOSTIC set.
Found by and OK robert@

2 years agofix RSB_DMCR_DEVICE_MODE_DATA value to enter RSB mode correctly
uaa [Tue, 11 Jan 2022 10:23:17 +0000 (10:23 +0000)]
fix RSB_DMCR_DEVICE_MODE_DATA value to enter RSB mode correctly
ok kettenis@ patrick@

2 years agospelling
jsg [Tue, 11 Jan 2022 09:21:34 +0000 (09:21 +0000)]
spelling

2 years agomove allocations in DIOCSADDRULE and DIOCHANGERULE outside of locks.
sashan [Tue, 11 Jan 2022 09:00:17 +0000 (09:00 +0000)]
move allocations in DIOCSADDRULE and DIOCHANGERULE outside of locks.
this diff lets pf_rule_copyin() to be called outside of PF_LOCK()/NET_LOCK().

OK bluhm@

2 years agoregen
mvs [Tue, 11 Jan 2022 08:10:03 +0000 (08:10 +0000)]
regen

2 years agoUnlock getpeername(2). For inet and unix sockets it follows the code
mvs [Tue, 11 Jan 2022 08:09:14 +0000 (08:09 +0000)]
Unlock getpeername(2). For inet and unix sockets it follows the code
which was unlocked with accept(2) unlocking. For key management and
route domain sockets it just copies the read-only data.

ok bluhm@

2 years agoProduce alive in-flight sockets with positive "f_count == unp_msgcount"
mvs [Tue, 11 Jan 2022 08:03:25 +0000 (08:03 +0000)]
Produce alive in-flight sockets with positive "f_count == unp_msgcount"
equation. Such sockets should not be killed by unp_gc() otherwise system
will panic.

tested by anton@; ok bluhm@

2 years agomove kern_unveil.c to use DPRINTF()
semarie [Tue, 11 Jan 2022 07:31:50 +0000 (07:31 +0000)]
move kern_unveil.c to use DPRINTF()

Changes the way printf debug is done in kern_unveil.c

Currently, each printf() is enclosed in #ifdef DEBUG_UNVEIL. It moves
to using DPRINTF(), and reduces the number of #ifdef inside the file.

Also changes some strings to use __func__ instead of using the
function name verbatim.

ok visa@

2 years agoRemove dead store to f and avoid use of unvalidated fd.
visa [Tue, 11 Jan 2022 06:35:03 +0000 (06:35 +0000)]
Remove dead store to f and avoid use of unvalidated fd.

Found by LLVM scan-build.

OK millert@ deraadt@

2 years agoAdd temporary verbose logging when remote coverage fails to attach.
anton [Tue, 11 Jan 2022 06:23:05 +0000 (06:23 +0000)]
Add temporary verbose logging when remote coverage fails to attach.
In the hopes of tracking down a rare bug seen on syzkaller.

2 years agono need to inspect the coverage for the dying test case
anton [Tue, 11 Jan 2022 06:01:15 +0000 (06:01 +0000)]
no need to inspect the coverage for the dying test case

2 years agoIn revision 1.43 of kcov.c, the redundant conditional of checking for
anton [Tue, 11 Jan 2022 06:00:41 +0000 (06:00 +0000)]
In revision 1.43 of kcov.c, the redundant conditional of checking for
an exising kcov descriptor with the given device minor was removed since
kcov is a cloning device; i.e. the device minor should always be unique.

However, there's one edge case to still consider in which one thread
have tracing enabled while another thread closes the same kcov
descriptor. The kcov descriptor is kept alive until thread with tracing
enabled exits to prevent usage after free. This does however cause the
spec file layer above to flag the device minor as unused. Any subsequent
open of /dev/kcov would trip on the assertion in kcovopen() until the
thread with tracing enabled exits.

Therefore unconditionally remove the kcov descriptor from the global
list of active descriptors which is fine since the same kcov descriptor
will later be freed in kcov_exit().

I have never seen this in the wild but realized while hunting another
bug.

2 years agospelling
jsg [Tue, 11 Jan 2022 05:34:32 +0000 (05:34 +0000)]
spelling

2 years agoTidy up some comments
afresh1 [Tue, 11 Jan 2022 03:25:52 +0000 (03:25 +0000)]
Tidy up some comments

requested by deraadt@

2 years agospelling
jsg [Tue, 11 Jan 2022 03:13:58 +0000 (03:13 +0000)]
spelling
ok jmc@

2 years ago"void" functions should not return anything. From Tim Rice via -portable.
dtucker [Tue, 11 Jan 2022 02:56:19 +0000 (02:56 +0000)]
"void" functions should not return anything.  From Tim Rice via -portable.

2 years agosuppress "Connection to xxx closed" messages at LogLevel >= error
djm [Tue, 11 Jan 2022 01:26:47 +0000 (01:26 +0000)]
suppress "Connection to xxx closed" messages at LogLevel >= error
bz3378; ok dtucker@

2 years agoIf the install media contains non-free /*firmware*.tgz files, use fw_update
deraadt [Tue, 11 Jan 2022 00:58:32 +0000 (00:58 +0000)]
If the install media contains non-free /*firmware*.tgz files, use fw_update
to install them.  This lets users usb-lift firmware on a preloaded install70.img
image like this:
    # vnconfig install70.img
    vnd0
    # (mount /dev/vnd0a /mnt && cd /mnt && fw_update -F iwm iwx iwn intel)
    # umount /mnt && vnconfig -u vnd0
The firmwares are installed after the sets, then all network drivers are
re-configured in the hope that new firmwares have showed up.  The install
script continues to attempt a network firmware install, which might pull/update
additional firmwares.
work done with afresh1

2 years agoSplit 2nd half of enable_network() into a sub-function enable_ifs().
deraadt [Tue, 11 Jan 2022 00:48:45 +0000 (00:48 +0000)]
Split 2nd half of enable_network() into a sub-function enable_ifs().
This is the piece which loops over hostname.* files and runs ifconfig
like the inner loop of base /etc/netstart

2 years agomatch on Intel Jasper Lake
jsg [Tue, 11 Jan 2022 00:37:23 +0000 (00:37 +0000)]
match on Intel Jasper Lake

cavs/hda is pci class multimedia subclass audio so not automatically
matched by azalia but confirmed to work after matched

tested by Sven Wolf on Acer Swift 1 SF114-34 with Pentium Silver N6000

2 years agoregen
jsg [Mon, 10 Jan 2022 23:41:12 +0000 (23:41 +0000)]
regen

2 years agoadd Intel Jasper Lake devices
jsg [Mon, 10 Jan 2022 23:40:37 +0000 (23:40 +0000)]
add Intel Jasper Lake devices
from Intel Pentium Silver and Intel Celeron Processors Datasheet 633935

2 years agoConvert tls_bio_cb for opaque BIO
tb [Mon, 10 Jan 2022 23:39:48 +0000 (23:39 +0000)]
Convert tls_bio_cb for opaque BIO

joint with jsing

2 years agoMechanical conversion of libcsi for opaque DH.
tb [Mon, 10 Jan 2022 23:03:07 +0000 (23:03 +0000)]
Mechanical conversion of libcsi for opaque DH.

ok jsing

2 years agoDocument EVP_AEAD_CTX_{new,free}() and adjust example code.
tb [Mon, 10 Jan 2022 22:44:22 +0000 (22:44 +0000)]
Document EVP_AEAD_CTX_{new,free}() and adjust example code.

looks good to jsing

2 years agofix SEE ALSO;
jmc [Mon, 10 Jan 2022 21:16:44 +0000 (21:16 +0000)]
fix SEE ALSO;

2 years agoUnbreak tree. Sorry about that.
tb [Mon, 10 Jan 2022 19:22:26 +0000 (19:22 +0000)]
Unbreak tree. Sorry about that.

2 years agoReturn ENOMEM on malloc errors to prevent use of uninitialized stack
tobhe [Mon, 10 Jan 2022 18:23:39 +0000 (18:23 +0000)]
Return ENOMEM on malloc errors to prevent use of uninitialized stack
memory. Cleanup error handling while here.

ok stsp@ visa@

2 years agoWhen rendering the \h (horizontal motion) low-level roff(7) escape
schwarze [Mon, 10 Jan 2022 17:59:45 +0000 (17:59 +0000)]
When rendering the \h (horizontal motion) low-level roff(7) escape
sequence in -T ps and -T pdf output mode, use an appropriate
horizontal distance by correctly using the term_len() utility
function.  Output from the -T ascii, -T utf8, and -T html modes
was already correct and remains unchanged.

Lennart Jablonka <hummsmith42 at gmail dot com> found and reported
this unit conversion bug (misinterpreting AFM units as if they were
en units) when rendering scdoc-generated manuals (which is a low
quality generator, but that's no excuse for mandoc misformatting \h)
on Alpine Linux.  Lennart also tested this patch.

2 years agosync
deraadt [Mon, 10 Jan 2022 16:45:09 +0000 (16:45 +0000)]
sync

2 years agoInitialize variables that are touched in the error path.
visa [Mon, 10 Jan 2022 16:21:19 +0000 (16:21 +0000)]
Initialize variables that are touched in the error path.

Reminded by LLVM scan-build.

2 years agoNULL out pointers after transferring them to the DSA object.
tb [Mon, 10 Jan 2022 15:14:27 +0000 (15:14 +0000)]
NULL out pointers after transferring them to the DSA object.

2 years agosync
deraadt [Mon, 10 Jan 2022 15:14:24 +0000 (15:14 +0000)]
sync

2 years agoDedup get_dsa*() code.
tb [Mon, 10 Jan 2022 15:04:06 +0000 (15:04 +0000)]
Dedup get_dsa*() code.

Pointed out by jsing

2 years agoConvert testdsa to accessors for opaque DSA
tb [Mon, 10 Jan 2022 14:47:09 +0000 (14:47 +0000)]
Convert testdsa to accessors for opaque DSA

ok inoguchi jsing

2 years agoRemove a few unused defines from x509.h
tb [Mon, 10 Jan 2022 14:13:03 +0000 (14:13 +0000)]
Remove a few unused defines from x509.h

As suggested by schwarze, this removes

X509_EX_V_{INIT,NETSCAPE_HACK} and X509_EXT_PACK_{STRING,UNKNOWN}

ok inoguchi jsing

2 years agoUse NULL instead of 0 for pointers.
jan [Mon, 10 Jan 2022 14:07:59 +0000 (14:07 +0000)]
Use NULL instead of 0 for pointers.

OK bluhm@

2 years agoPrepare to provide the EVP_MD_meth_* API
tb [Mon, 10 Jan 2022 13:42:28 +0000 (13:42 +0000)]
Prepare to provide the EVP_MD_meth_* API

This allows implementations to add their own EVP_MD_METHODs.
Only the setters are provided.

This is used by erlang for the otp_test_engine.

ok inoguchi jsing

2 years agospeeling
dlg [Mon, 10 Jan 2022 13:09:29 +0000 (13:09 +0000)]
speeling

2 years agothis should be most of the necessary info for this driver.
dlg [Mon, 10 Jan 2022 13:04:52 +0000 (13:04 +0000)]
this should be most of the necessary info for this driver.

2 years agoDocument openssl pkey -check,-pubcheck and param -check
tb [Mon, 10 Jan 2022 12:19:26 +0000 (12:19 +0000)]
Document openssl pkey -check,-pubcheck and param -check

2 years agoImplement openssl pkey -{,pub}check and pkeyparam -check
tb [Mon, 10 Jan 2022 12:17:49 +0000 (12:17 +0000)]
Implement openssl pkey -{,pub}check and pkeyparam -check

These expose EVP_PKEY_{,public_,param_}check() to the command line.
They are currently noops and will be enabled in the upcoming bump.

ok inoguchi jsing

2 years agoPrepare to provide EVP_PKEY_{public,param}_check
tb [Mon, 10 Jan 2022 12:10:26 +0000 (12:10 +0000)]
Prepare to provide EVP_PKEY_{public,param}_check

This implements checking of a public key and of key generation
parameters for DH and EC keys. With the same logic and setters
and const quirks as for EVP_PKEY_check().

There are a couple of quirks: For DH no default EVP_PKEY_check()
is implemented, instead EVP_PKEY_param_check() calls DH_check_ex()
even though DH_param_check_ex() was added for this purpose.
EVP_PKEY_public_check() for EC curves also checks the private key
if present.

ok inoguchi jsing

2 years agoProvide DH_check*_ex and many error codes
tb [Mon, 10 Jan 2022 12:00:52 +0000 (12:00 +0000)]
Provide DH_check*_ex and many error codes

DH_check{,_pub_key}_ex() wrap their non-ex versions to translate
the flags argument of the original functions into OpenSSL errors.
For this almost a dozen new error codes need to be added.

DH_params_check{,_ex}() is a new version of DH_check that only
performs a cheap subset of the checks.

They are needed to implement EVP_PKEY_{public,param}_check()
(observe the consistent naming) although the actual implementation
of EVP_PKEY_param_check() chose to use DH_check_ex().

As far as I can tell, the only raison d'ĂȘtre of the _ex functions
and error codes is to spew them to stderr in a couple of openssl(1)
commands. This couldn't have been solved differently...

These functions will not be exposed publicly.

ok inoguchi jsing

2 years agoPrepare to provide EVP_PKEY_check()
tb [Mon, 10 Jan 2022 11:52:43 +0000 (11:52 +0000)]
Prepare to provide EVP_PKEY_check()

This allows checking the validity of an EVP_PKEY. Only RSA and EC keys
are supported. If a check function is set the EVP_PKEY_METHOD, it will
be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is
used.  The default ASN.1 methods wrap RSA_check_key() and
EC_KEY_check_key(), respectively.

The corresponding setters are EVP_PKEY_{asn1,meth}_set_check().

It is unclear why the PKEY method has no const while the ASN.1 method
has const.

Requested by tobhe and used by PHP 8.1.
Based on OpenSSL commit 2aee35d3

ok inoguchi jsing

2 years agoadd a bit more.
dlg [Mon, 10 Jan 2022 10:54:54 +0000 (10:54 +0000)]
add a bit more.

2 years agoPrevent a double free in EVP_MD_CTX_copy_ex()
tb [Mon, 10 Jan 2022 10:51:31 +0000 (10:51 +0000)]
Prevent a double free in EVP_MD_CTX_copy_ex()

NULL out two pointer values after memcpy() to avoid a double free.
In the event that both in->pctx and in->md_data are non-NULL and
the calloc() of out->md_data fails, a double free could occur.

ok inoguchi jsing

2 years agotweak slightly
dlg [Mon, 10 Jan 2022 10:20:31 +0000 (10:20 +0000)]
tweak slightly

2 years agoIn pmap_enter(9), only perform a TLB flush if we actually changed a PTE.
kettenis [Mon, 10 Jan 2022 09:20:27 +0000 (09:20 +0000)]
In pmap_enter(9), only perform a TLB flush if we actually changed a PTE.
To make this intent more obvious, group the call to the TLB flush function
togther with the call that inserts/updates/removes a PTE.
Remove an incorrect comment related to this.

ok patrick@

2 years agoaplsmc(4)
kettenis [Mon, 10 Jan 2022 09:16:30 +0000 (09:16 +0000)]
aplsmc(4)

2 years agoAdd aplsmc(4), a driver for the SMC found on Apple M1 SoCs.
kettenis [Mon, 10 Jan 2022 09:07:28 +0000 (09:07 +0000)]
Add aplsmc(4), a driver for the SMC found on Apple M1 SoCs.

The SMC implements a lot of functionality.  For now the driver only
implements a bunch of sensors.  This is a small subset of the sensors
that are made available by the SMC as we don't know what measurments
are provided for most sensors.

ok patrick@

2 years agohang some flesh off the bones that jsg provided.
dlg [Mon, 10 Jan 2022 07:51:23 +0000 (07:51 +0000)]
hang some flesh off the bones that jsg provided.

2 years agomark up the ioctl requests with Dv
dlg [Mon, 10 Jan 2022 07:01:50 +0000 (07:01 +0000)]
mark up the ioctl requests with Dv

2 years agoinitial kstat.4
jsg [Mon, 10 Jan 2022 04:59:19 +0000 (04:59 +0000)]
initial kstat.4
ok dlg@

2 years agoprovide access to the hardware counters (MIB counters in the doc) via kstat
dlg [Mon, 10 Jan 2022 04:47:53 +0000 (04:47 +0000)]
provide access to the hardware counters (MIB counters in the doc) via kstat

2 years agohandle the status ring entries as 64bit words instead of a struct.
dlg [Mon, 10 Jan 2022 04:11:13 +0000 (04:11 +0000)]
handle the status ring entries as 64bit words instead of a struct.

the status ring entries are 8 bytes/64bit, and depending on the
type of entry it has fields all over the place. this loads the
descriptor with a single 64bit read, and then shifts and masks the
bits out of it depending on the type of descriptor. this looks
cleaner for the tx completions in particular.

2 years agozap trailing whitespace
tb [Mon, 10 Jan 2022 00:09:06 +0000 (00:09 +0000)]
zap trailing whitespace

2 years agoCheck that the RSA exponent is neither even nor 1 in RSA_check_key()
tb [Mon, 10 Jan 2022 00:03:02 +0000 (00:03 +0000)]
Check that the RSA exponent is neither even nor 1 in RSA_check_key()

Part of OpenSSL commit 464d59a5

ok inoguchi jsing

2 years agoUse C99 initializers for test_sha_md
tb [Sun, 9 Jan 2022 23:55:31 +0000 (23:55 +0000)]
Use C99 initializers for test_sha_md

ok inoguchi jsing

2 years agoAdd an essentially empty comp_local.h and include it where it will
tb [Sun, 9 Jan 2022 23:50:10 +0000 (23:50 +0000)]
Add an essentially empty comp_local.h and include it where it will
be needed.

discussed with jsing

2 years agoSimplify igc_rxrinfo() to improve consistency and appease Coverity.
patrick [Sun, 9 Jan 2022 23:28:19 +0000 (23:28 +0000)]
Simplify igc_rxrinfo() to improve consistency and appease Coverity.

CID 1510483

ok kevlo@

2 years agounwind/unbound: prepare for opaque DSA and RSA.
tb [Sun, 9 Jan 2022 18:46:56 +0000 (18:46 +0000)]
unwind/unbound: prepare for opaque DSA and RSA.

Use the OpenSSL 1.1 codepath using accessors that have been available
since LibreSSL 2.7 instead of reaching into the structs.

ok sthen

2 years agodo not call ranlib -t anymore because it does nothing except wasting time;
robert [Sun, 9 Jan 2022 16:39:06 +0000 (16:39 +0000)]
do not call ranlib -t anymore because it does nothing except wasting time;

ok jca@, millert@

2 years agossl_check_srvr_ecc_cert_and_alg() only returns 0/1 - test accordingly.
jsing [Sun, 9 Jan 2022 15:55:37 +0000 (15:55 +0000)]
ssl_check_srvr_ecc_cert_and_alg() only returns 0/1 - test accordingly.

2 years agoSwap arguments to ssl_check_srvr_ecc_cert_and_alg()
jsing [Sun, 9 Jan 2022 15:53:52 +0000 (15:53 +0000)]
Swap arguments to ssl_check_srvr_ecc_cert_and_alg()

If a libssl function takes an SSL *, it should normally be the first
argument.

2 years agoClean up ssl3_{send,get}_client_kex_gost()
jsing [Sun, 9 Jan 2022 15:40:13 +0000 (15:40 +0000)]
Clean up ssl3_{send,get}_client_kex_gost()

Fix leaks, use sizeof() instead of hardcoded sizes, actually check return
codes, explicit_bzero() the premaster secret on the server side and
generally try to kick the GOST kex code into some sort of shape.

ok inoguchi@ tb@

2 years agoReturn 0/1 from ssl3_{send,get}_client_kex_gost()
jsing [Sun, 9 Jan 2022 15:34:21 +0000 (15:34 +0000)]
Return 0/1 from ssl3_{send,get}_client_kex_gost()

Like other KEX handling functions, there is no need to return anything
other than failure/success here.

ok inoguchi@ tb@

2 years agoRemove a comment from Captain Obvious.
jsing [Sun, 9 Jan 2022 15:29:42 +0000 (15:29 +0000)]
Remove a comment from Captain Obvious.

2 years agoFix GOST skip certificate verify handling.
jsing [Sun, 9 Jan 2022 15:28:47 +0000 (15:28 +0000)]
Fix GOST skip certificate verify handling.

GOST skip certificate verify handling got broken in r1.132 of s3_srvr.c
circa 2016. Prior to this, ssl3_get_client_key_exchange() returned an
'extra special' value to indicate that the state machine should skip
certificate verify. Fix this by setting and checking the
TLS1_FLAGS_SKIP_CERT_VERIFY flag, which is the same as is done in the
client.

ok inoguchi@ tb@

2 years agoPrepare to provide EVP_MD_CTX{,_set}_pkey_ctx()
tb [Sun, 9 Jan 2022 15:15:25 +0000 (15:15 +0000)]
Prepare to provide EVP_MD_CTX{,_set}_pkey_ctx()

This API with very strange ownership handling is used by Ruby 3.1,
unfortunately.

For unclear reasons, it was decided that the caller retains ownership of
the pctx passed in.  EVP_PKEY_CTX aren't refcounted, so a flag was added to
make sure that md_ctx->pctx is not freed in EVP_MD_CTX_{cleanup,reset}().
Since EVP_MD_CTX_copy_ex() duplicates the md_ctx->pctx, the flag also needs
to be unset on the duplicated EVP_MD_CTX.

ok inoguchi jsing

2 years agoIndicate that mvpxa(4) depends on sdhc code.
visa [Sun, 9 Jan 2022 13:27:47 +0000 (13:27 +0000)]
Indicate that mvpxa(4) depends on sdhc code.

OK deraadt@ phessler@

2 years agoAdd attribute for indicating sdhc dependency.
visa [Sun, 9 Jan 2022 13:26:08 +0000 (13:26 +0000)]
Add attribute for indicating sdhc dependency.

OK deraadt@ phessler@

2 years agoClean up pkey handling in ssl3_get_server_key_exchange()
jsing [Sun, 9 Jan 2022 13:17:33 +0000 (13:17 +0000)]
Clean up pkey handling in ssl3_get_server_key_exchange()

With TLSv1.2 and earlier, the authentication algorithm used to sign the
ServerKeyExchange message is dependent on the cipher suite in use and has
nothing to do with the key exchange algorithm. As such, check the
authentication algorithm based on the cipher suite in
ssl3_get_server_key_exchange() and handle things accordingly.

ok inoguchi@ tb@

2 years agoAdd two test cases from semarie@ which are solved by the last unveil
claudio [Sun, 9 Jan 2022 10:36:52 +0000 (10:36 +0000)]
Add two test cases from semarie@ which are solved by the last unveil
commit.

2 years agoAdd an UNVEIL_USERSET flag which is set when a unveil node is added via
claudio [Sun, 9 Jan 2022 10:28:07 +0000 (10:28 +0000)]
Add an UNVEIL_USERSET flag which is set when a unveil node is added via
unveil(2). It is not set for nodes that are added as a result of a file
being added via unveil(2). Use this flag to test if backtracking should
be done or not. Also introduce UNVEIL_MASK which checks if any user flags
are set and is used to properly return EACCES vs ENOENT.

This fixes a problem where unveil("/", "r") & unveil("/usr/bin/id", "rx")
cause an error when read accessing "/usr/bin". It also makes sure that
unveil(path, "") will return ENOENT for any access of anything under path.

Reported by and OK semarie@

2 years agoIncrease the max size of allocations, in prep for a large cache implementation.
otto [Sun, 9 Jan 2022 07:18:50 +0000 (07:18 +0000)]
Increase the max size of allocations, in prep for a large cache implementation.

2 years agospelling
jsg [Sun, 9 Jan 2022 05:42:36 +0000 (05:42 +0000)]
spelling
feedback and ok tb@ jmc@ ok ratchov@

2 years ago__LDPGSZ hasn't been used here since rev 1.23 (2013).
guenther [Sat, 8 Jan 2022 22:54:49 +0000 (22:54 +0000)]
__LDPGSZ hasn't been used here since rev 1.23 (2013).
Delete comment referring to it

ok jsg@

2 years agoDon't download SHA256.sig unless it's needed
afresh1 [Sat, 8 Jan 2022 22:32:00 +0000 (22:32 +0000)]
Don't download SHA256.sig unless it's needed

This allows installing local files without network.

it *might* work now deraadt@

2 years agoPrepare to provide OBJ_length() and OBJ_get0_data()
tb [Sat, 8 Jan 2022 21:36:39 +0000 (21:36 +0000)]
Prepare to provide OBJ_length() and OBJ_get0_data()

OBJ_length() turns the int obj->length into a size_t, so add
an overflow check. While obj->length should never be negative,
who knows...

ok jsing

2 years agoarchdep.h needed for _dl_dcbf, on powerpc
deraadt [Sat, 8 Jan 2022 18:30:18 +0000 (18:30 +0000)]
archdep.h needed for _dl_dcbf, on powerpc

2 years agoneed "archdep.h" for _dl_md_plabel on hppa
deraadt [Sat, 8 Jan 2022 17:28:49 +0000 (17:28 +0000)]
need "archdep.h" for _dl_md_plabel on hppa

2 years agoUse ${.ALLSRC:M*.y} instead of ${.IMPSRC} as the input file for yacc,
patrick [Sat, 8 Jan 2022 17:05:30 +0000 (17:05 +0000)]
Use ${.ALLSRC:M*.y} instead of ${.IMPSRC} as the input file for yacc,
to fix a bug where ${.IMPSRC} (aka $<) is used in a context where it
is not neccessarily defined by OpenBSD make.  This would sometime show
up trying to build libpcap with the following error message:

Using $< in a non-suffix rule context is a GNUmake idiom (<bsd.dep.mk>:47)

The issue is with the rule for the grammar.h file that is generated
by yacc from grammar.c. You can easily reproduce the bug with the
following steps:

- build libpcap from scratch: cd src/lib/libpcap && make clean all
- remove the generated grammar.h file: rm obj*/grammar.h
- build libpcap again (incremental build): make

In normal builds this does not trigger as grammar.h is implicitly
generated by the rule for grammar.c and when make checks for
dependencies it simply finds grammar.h uptodate. However, incremental
or parallel builds might decide to make grammar.h from grammar.y.

Now, why is this only a problem for grammar.h but not for grammar.c?
The answer to this question is burried deeply in OpenBSD's mk files.

The snippet in bsd.dep.mk that triggers the error is a single rule
statement that generates foo.c and foo.h from foo.y with a call to
yacc -d. The rule is generated with a loop, i.e. it is not a prefix
rule. However, a prefix rule context is required for the use of
${.IMPSRC} aka $<. For the .c file such a prefix rule is provided by
bsd.sys.mk and this rule is in scope when make evaluates the yacc rule.
However, for .h file generation from a .y file there is no such prefix
rule defined in any of the Makefiles. Even if it were the .h suffix is
missing from .SUFFIXES and the rule would not be considered.

The obvious way to fix this would be to use $f instead of ${.IMPSRC}.
However, this does not work as $f is then missing the path prefix and
yacc won't find it if an obj directory is used. This is probably the
reason for the use of ${.IMPSRC} in the first place.

Committing on behalf of ehrhardt@
"I like the diff" deraadt@
ok guenther@

2 years agotiny whitespace tweak
tb [Sat, 8 Jan 2022 15:34:59 +0000 (15:34 +0000)]
tiny whitespace tweak

2 years agoRemove apldwusb(4). This driver is now unused.
kettenis [Sat, 8 Jan 2022 15:30:46 +0000 (15:30 +0000)]
Remove apldwusb(4).  This driver is now unused.

2 years agoOops, missed a compatible string in the previous commit.
kettenis [Sat, 8 Jan 2022 15:23:42 +0000 (15:23 +0000)]
Oops, missed a compatible string in the previous commit.