openbsd
7 months agoremove prototypes for removed functions
jsg [Mon, 29 Apr 2024 13:07:18 +0000 (13:07 +0000)]
remove prototypes for removed functions

7 months agoremove prototypes for removed functions
jsg [Mon, 29 Apr 2024 13:01:54 +0000 (13:01 +0000)]
remove prototypes for removed functions

7 months agoremove unused armv7 specific find_first_bit()
jsg [Mon, 29 Apr 2024 12:46:22 +0000 (12:46 +0000)]
remove unused armv7 specific find_first_bit()

7 months agoremove unused intc_intr_bootstrap()
jsg [Mon, 29 Apr 2024 12:42:06 +0000 (12:42 +0000)]
remove unused intc_intr_bootstrap()

7 months agoremove unused global vars
jsg [Mon, 29 Apr 2024 12:33:17 +0000 (12:33 +0000)]
remove unused global vars

7 months agoremove prototypes for removed functions
jsg [Mon, 29 Apr 2024 12:24:46 +0000 (12:24 +0000)]
remove prototypes for removed functions

7 months agoremove unused pmap_vp_remove()
jsg [Mon, 29 Apr 2024 10:07:37 +0000 (10:07 +0000)]
remove unused pmap_vp_remove()
ok miod@ kettenis@

7 months agodrm/amdgpu: remove invalid resource->start check v2
jsg [Mon, 29 Apr 2024 06:40:11 +0000 (06:40 +0000)]
drm/amdgpu: remove invalid resource->start check v2

From Christian Koenig
db74904a93a370807001e5fd64b5850a61f2bf65 in linux-6.6.y/6.6.29
ca7c4507ba87e9fc22e0ecfa819c3664b3e8287b in mainline linux

7 months agodrm/amdkfd: Fix memory leak in create_process failure
jsg [Mon, 29 Apr 2024 06:37:08 +0000 (06:37 +0000)]
drm/amdkfd: Fix memory leak in create_process failure

From Felix Kuehling
aa02d43367a9adf8c85fb382fea4171fb266c8d0 in linux-6.6.y/6.6.29
18921b205012568b45760753ad3146ddb9e2d4e2 in mainline linux

7 months agodrm/amdgpu: validate the parameters of bo mapping operations more clearly
jsg [Mon, 29 Apr 2024 06:35:53 +0000 (06:35 +0000)]
drm/amdgpu: validate the parameters of bo mapping operations more clearly

From xinhui pan
ef13eeca7c79136bc38e21eb67322c1cbd5c40ee in linux-6.6.y/6.6.29
6fef2d4c00b5b8561ad68dd2b68173f5c6af1e75 in mainline linux

7 months agodrm/radeon: make -fstrict-flex-arrays=3 happy
jsg [Mon, 29 Apr 2024 06:31:57 +0000 (06:31 +0000)]
drm/radeon: make -fstrict-flex-arrays=3 happy

From Alex Deucher
259486b5bdc63f648634c30b8284be29834a4125 in linux-6.6.y/6.6.29
0ba753bc7e79e49556e81b0d09b2de1aa558553b in mainline linux

7 months agodrm/i915/mst: Limit MST+DSC to TGL+
jsg [Mon, 29 Apr 2024 06:30:19 +0000 (06:30 +0000)]
drm/i915/mst: Limit MST+DSC to TGL+

From Ville Syrjala
75170320459ae5bedf73352989b8433880cba20a in linux-6.6.y/6.6.29
51bc63392e96ca45d7be98bc43c180b174ffca09 in mainline linux

7 months agodrm/i915/vma: Fix UAF on destroy against retire race
jsg [Mon, 29 Apr 2024 06:27:37 +0000 (06:27 +0000)]
drm/i915/vma: Fix UAF on destroy against retire race

From Janusz Krzysztofik
5e3eb862df9f972ab677fb19e0d4b9b1be8db7b5 in linux-6.6.y/6.6.29
0e45882ca829b26b915162e8e86dbb1095768e9e in mainline linux

7 months agodrm/amd/display: Do not recursively call manual trigger programming
jsg [Mon, 29 Apr 2024 06:25:15 +0000 (06:25 +0000)]
drm/amd/display: Do not recursively call manual trigger programming

From Dillon Varone
a17236f99f49c5e3c2a052302127284a99fc07bb in linux-6.6.y/6.6.29
953927587f37b731abdeabe46ad44a3b3ec67a52 in mainline linux

7 months agodrm/i915: Disable live M/N updates when using bigjoiner
jsg [Mon, 29 Apr 2024 06:23:20 +0000 (06:23 +0000)]
drm/i915: Disable live M/N updates when using bigjoiner

From Ville Syrjala
9d106175b7a081f98112694e7fbb82105aff4eef in linux-6.6.y/6.6.29
4a36e46df7aa781c756f09727d37dc2783f1ee75 in mainline linux

7 months agodrm/i915: Adjust seamless_m_n flag behaviour
jsg [Mon, 29 Apr 2024 06:21:44 +0000 (06:21 +0000)]
drm/i915: Adjust seamless_m_n flag behaviour

From Ville Syrjala
ccb0934aeb3f7be579717041b10d274feef21de3 in linux-6.6.y/6.6.29
825edc8bc72f3266534a04e9a4447b12332fac82 in mainline linux

7 months agodrm/i915: Enable VRR later during fastsets
jsg [Mon, 29 Apr 2024 06:19:53 +0000 (06:19 +0000)]
drm/i915: Enable VRR later during fastsets

From Ville Syrjala
deaeb5b64c5b8a7b681acaf721d040b1fe9dcc53 in linux-6.6.y/6.6.29
691dec86acc3afb469f09e9a4a00508b458bdb0c in mainline linux

7 months agodrm/i915: Extract intel_crtc_vblank_evade_scanlines()
jsg [Mon, 29 Apr 2024 06:18:00 +0000 (06:18 +0000)]
drm/i915: Extract intel_crtc_vblank_evade_scanlines()

From Ville Syrjala
7e50ac4203d6a8b151233550cec7d7da794b2e13 in linux-6.6.y/6.6.29
f4b0cece716c95e16d973a774d5a5c5cc8cb335d in mainline linux

7 months agodrm/i915: Change intel_pipe_update_{start,end}() calling convention
jsg [Mon, 29 Apr 2024 06:16:30 +0000 (06:16 +0000)]
drm/i915: Change intel_pipe_update_{start,end}() calling convention

From Ville Syrjala
e19dc8c49e97b5cd84ee5753c301d64cde98c6aa in linux-6.6.y/6.6.29
09f390d4e2f38f8433431f4da31ca0a17a5c7853 in mainline linux

7 months agodrm/i915/cdclk: Fix voltage_level programming edge case
jsg [Mon, 29 Apr 2024 06:14:32 +0000 (06:14 +0000)]
drm/i915/cdclk: Fix voltage_level programming edge case

From Ville Syrjala
51cc733fb48e86c3bbfaef1713710b2a6ffe565d in linux-6.6.y/6.6.29
6154cc9177ccea00c89ce0bf93352e474b819ff2 in mainline linux

7 months agodrm/i915/mst: Reject FEC+MST on ICL
jsg [Mon, 29 Apr 2024 06:12:46 +0000 (06:12 +0000)]
drm/i915/mst: Reject FEC+MST on ICL

From Ville Syrjala
6711b0817a384bbeb8c951521334d5ef78c855aa in linux-6.6.y/6.6.29
99f855082f228cdcecd6ab768d3b8b505e0eb028 in mainline linux

7 months agodrm/i915: Fix FEC pipe A vs. DDI A mixup
jsg [Mon, 29 Apr 2024 06:10:41 +0000 (06:10 +0000)]
drm/i915: Fix FEC pipe A vs. DDI A mixup

From Ville Syrjala
6b625d2743b464a16904feb5520462041e3d3ce2 in linux-6.6.y/6.6.29
126f94e87e7960ef7ae58180e39c19cc9dcbbf7f in mainline linux

7 months agoadd check_add_overflow() for 6.6.29 drm
jsg [Mon, 29 Apr 2024 06:06:46 +0000 (06:06 +0000)]
add check_add_overflow() for 6.6.29 drm

7 months agoremove unused global vars
jsg [Mon, 29 Apr 2024 00:29:48 +0000 (00:29 +0000)]
remove unused global vars
ok deraadt@ miod@

7 months agogmtime(3) / locatime(3) can fail when timestamps are way off.
florian [Sun, 28 Apr 2024 16:43:42 +0000 (16:43 +0000)]
gmtime(3) / locatime(3) can fail when timestamps are way off.

Add missing error checks to all calls under sbin/

Input & OK millert

7 months agogmtime(3) / locatime(3) can fail when timestamps are way off.
florian [Sun, 28 Apr 2024 16:43:15 +0000 (16:43 +0000)]
gmtime(3) / locatime(3) can fail when timestamps are way off.

Add missing error checks to all calls under bin/

Input & OK millert

7 months agogmtime(3) / locatime(3) can fail when timestamps are way off.
florian [Sun, 28 Apr 2024 16:42:53 +0000 (16:42 +0000)]
gmtime(3) / locatime(3) can fail when timestamps are way off.

Add missing error checks to all calls under libexec/

Input & OK millert

7 months ago__sfvwrite: allow writing buffers larger than BUFSIZ or st_blksize.
millert [Sun, 28 Apr 2024 14:28:02 +0000 (14:28 +0000)]
__sfvwrite: allow writing buffers larger than BUFSIZ or st_blksize.

This can vastly improve write performance.  For unbuffered writes,
we now write up to INT_MAX instead of BUFSIZE.  For buffered writes,
write the largest multiple of the buffer size (which may be st_blksize).
From Apple via enh at google.  OK tb@

7 months agosync
deraadt [Sun, 28 Apr 2024 13:12:31 +0000 (13:12 +0000)]
sync

7 months agoRemove unused url from netproc()
tb [Sun, 28 Apr 2024 10:09:25 +0000 (10:09 +0000)]
Remove unused url from netproc()

Leftover from when RFC 8555 support was added.

ok florian

7 months agoDon't filter dangerous characters by hand when strvisx(3) is right there.
florian [Sun, 28 Apr 2024 08:29:56 +0000 (08:29 +0000)]
Don't filter dangerous characters by hand when strvisx(3) is right there.

segfault reported by sthen, which was most likely caused by buf_dump().

OK tb

7 months agoUse propper knf.
florian [Sat, 27 Apr 2024 19:49:42 +0000 (19:49 +0000)]
Use propper knf.

Spotted by kettenis.

7 months agoadd a man page from curses source for clear(1);
jmc [Sat, 27 Apr 2024 15:05:55 +0000 (15:05 +0000)]
add a man page from curses source for clear(1);
from piotr durlej

ok millert

7 months agolocaltime(3) can fail if time_t is very far in the future or past.
florian [Sat, 27 Apr 2024 14:57:02 +0000 (14:57 +0000)]
localtime(3) can fail if time_t is very far in the future or past.

found using afl++

OK millert

7 months ago"!command" notation was zapped 8 years ago - remove corresponding
jmc [Sat, 27 Apr 2024 14:52:30 +0000 (14:52 +0000)]
"!command" notation was zapped 8 years ago - remove corresponding
entry from the help file; from piotr durlej

while here, zap an unneccessary blank line

ok millert

7 months agoTweak start of DESCRIPTION of EC_GROUP_new()
tb [Sat, 27 Apr 2024 07:41:47 +0000 (07:41 +0000)]
Tweak start of DESCRIPTION of EC_GROUP_new()

Complete precision will lead to complete confusion, however outright lies
are also bad.

8 months agoDocument EC_curve_{nid2nist,nist2nid}()
tb [Fri, 26 Apr 2024 14:23:03 +0000 (14:23 +0000)]
Document EC_curve_{nid2nist,nist2nid}()

8 months agofix signal test; ok tb@
jsg [Fri, 26 Apr 2024 04:44:43 +0000 (04:44 +0000)]
fix signal test; ok tb@

8 months agoUpdate awk to the Apr 22, 2024 version.
millert [Thu, 25 Apr 2024 18:33:53 +0000 (18:33 +0000)]
Update awk to the Apr 22, 2024 version.

 * fixed regex engine gototab reallocation issue that was introduced
   during the Nov 24 rewrite.

 * fixed use-after-free bug in fnematch due to adjbuf invalidating
   the pointers to buf.

8 months agoAdd boot.conf(8) 'mach idle [secs]' to halt at idle passphrase prompts
kn [Thu, 25 Apr 2024 18:31:49 +0000 (18:31 +0000)]
Add boot.conf(8) 'mach idle [secs]' to halt at idle passphrase prompts

Enable users to power down their machines if there was no input after N
seconds during disk descryption.

Motivation is to save battery and prevent pocket heaters when notebooks
unhibernate (e.g. lid accidentially opened) and sit at "Passphrase: ".

Only available on efi(4) systems as the timeout is saved as EFI variable;
mostly because that's trivial to do, but also because we lack a better
mechanism to configure that and persist such data without the root disk.

Discussed with many, starting at h2k23
OK Tests gnezdo

8 months agoRename socket wait channels when sleeping.
bluhm [Thu, 25 Apr 2024 17:32:53 +0000 (17:32 +0000)]
Rename socket wait channels when sleeping.

Use "netacc" for accept(2) and "netcon" for connect(2).  Call sleep
in sys_ypconnect() "ypcon" to make it unique.  sblock() now has
"sblock" to distinguish it from netlock.

OK claudio@ mvs@ kn@

8 months agosync
tb [Thu, 25 Apr 2024 16:14:40 +0000 (16:14 +0000)]
sync

8 months agoTake pem2.h behind the barn
tb [Thu, 25 Apr 2024 16:14:00 +0000 (16:14 +0000)]
Take pem2.h behind the barn

/*
 * This header only exists to break a circular dependency between pem and err
 * Ben 30 Jan 1999.
 */

25 years of uselessness is about a quarter century more than enough.

discussed with jsing

8 months agoAdd regress coverage for crypto_ct_*_u8()
jsing [Thu, 25 Apr 2024 14:27:29 +0000 (14:27 +0000)]
Add regress coverage for crypto_ct_*_u8()

8 months agoadd fstat() call removed in 1.145 to avoid uninitialised var use
jsg [Thu, 25 Apr 2024 14:24:54 +0000 (14:24 +0000)]
add fstat() call removed in 1.145 to avoid uninitialised var use
ok tobhe@

8 months agoAdjust macro definitions for dwqe(4) Rx descriptors.
stsp [Thu, 25 Apr 2024 11:37:39 +0000 (11:37 +0000)]
Adjust macro definitions for dwqe(4) Rx descriptors.

Split Rx desc macro definitions into two sections, one for the "read"
format and one for the "writeback" format. Add some macros which will
be needed to support Rx checksum offloading.

ok jmatthew@

8 months agoDon't divide by zero (empty files)
job [Thu, 25 Apr 2024 09:58:17 +0000 (09:58 +0000)]
Don't divide by zero (empty files)

While there, also increase buf[]

OK claudio@

8 months agoMask off MAC management counter interrupts. The driver doesn't know how
jmatthew [Thu, 25 Apr 2024 08:51:37 +0000 (08:51 +0000)]
Mask off MAC management counter interrupts.  The driver doesn't know how
to handle these, so if they're enabled, they will cause an interrupt
storm.

ok patrick@ jsg@ stsp@

8 months agoslightly tweak softraid(4) wording to make installboot(8) usage more obvious
stsp [Thu, 25 Apr 2024 07:21:43 +0000 (07:21 +0000)]
slightly tweak softraid(4) wording to make installboot(8) usage more obvious

8 months agoadd percentage to ruler after recent changes;
jmc [Thu, 25 Apr 2024 05:26:41 +0000 (05:26 +0000)]
add percentage to ruler after recent changes;

8 months agoUse -mno-fpu when compiling with clang now that the in-tree clang supports
miod [Thu, 25 Apr 2024 05:23:45 +0000 (05:23 +0000)]
Use -mno-fpu when compiling with clang now that the in-tree clang supports
this option; from Brad.

8 months agofix error return in fork_proc_backend(); ok gilles@
op [Wed, 24 Apr 2024 21:31:31 +0000 (21:31 +0000)]
fix error return in fork_proc_backend(); ok gilles@

8 months agoRegen
claudio [Wed, 24 Apr 2024 19:10:11 +0000 (19:10 +0000)]
Regen

8 months agoRevert rev 1.261 and require sigsuspend and __thrsigdivert to take
claudio [Wed, 24 Apr 2024 19:09:14 +0000 (19:09 +0000)]
Revert rev 1.261 and require sigsuspend and __thrsigdivert to take
KERNEL_LOCK. There is at least a race in sigsuspend which can be
triggered by dump(8). Should be enough to allow me to look for the
real cause.

8 months agoIn ruler show the current line number as a percentage of the total lines
job [Wed, 24 Apr 2024 15:15:40 +0000 (15:15 +0000)]
In ruler show the current line number as a percentage of the total lines

OK claudio@

8 months agoannounce_capa is no more.
claudio [Wed, 24 Apr 2024 10:42:09 +0000 (10:42 +0000)]
announce_capa is no more.
OK tb@

8 months agoRemove 'announce capabilities' as neighbor config stanza.
claudio [Wed, 24 Apr 2024 10:41:34 +0000 (10:41 +0000)]
Remove 'announce capabilities' as neighbor config stanza.

There is no need to have an easy knob to get outdated or crappy
implementations to limp along. Instead the various default on
capabilities just need to be disabled (e.g. announce as-4byte no).

OK tb@

8 months agoUse static inline for cd1400_write_ccr() because clang 16 has issues with it.
claudio [Wed, 24 Apr 2024 09:30:30 +0000 (09:30 +0000)]
Use static inline for cd1400_write_ccr() because clang 16 has issues with it.

Also remove some unused prototypes.
From Koakuma, OK kn@

8 months agoUse "indicate" to match reset of the document.
florian [Tue, 23 Apr 2024 22:17:49 +0000 (22:17 +0000)]
Use "indicate" to match reset of the document.

Pointed out by kn, missed in previous.

8 months agoImplement RFC 4191 default router preference.
florian [Tue, 23 Apr 2024 22:11:59 +0000 (22:11 +0000)]
Implement RFC 4191 default router preference.

OK phessler, kn

(Committing from a ferry somewhere on the English channel. Sadly the
free WiFi does not provide IPv6.)

8 months agocorrect indentation; no functional change
jsg [Tue, 23 Apr 2024 13:34:50 +0000 (13:34 +0000)]
correct indentation; no functional change
ok tb@

8 months agouse 1U << 31 to avoid undefined behaviour
jsg [Tue, 23 Apr 2024 13:09:21 +0000 (13:09 +0000)]
use 1U << 31 to avoid undefined behaviour
ok miod@

8 months agoOne empty line is enough
tb [Tue, 23 Apr 2024 10:52:08 +0000 (10:52 +0000)]
One empty line is enough

8 months agoAdd missing comma
tb [Tue, 23 Apr 2024 10:27:46 +0000 (10:27 +0000)]
Add missing comma

spotted by jsg

8 months agoSync the supported hardware list with arm64.html.
fcambus [Tue, 23 Apr 2024 10:17:20 +0000 (10:17 +0000)]
Sync the supported hardware list with arm64.html.

8 months agosync with ftp/fetch.c r1.218: send host header for proxies
tb [Tue, 23 Apr 2024 09:09:29 +0000 (09:09 +0000)]
sync with ftp/fetch.c r1.218: send host header for proxies

ok claudio

8 months agoftp: send Host: headers with CONNECT requests when tunneling TLS over an
sthen [Tue, 23 Apr 2024 08:50:38 +0000 (08:50 +0000)]
ftp: send Host: headers with CONNECT requests when tunneling TLS over an
HTTP proxy (i.e. for fetching resources over https). This is required by
some proxy servers.

Ftom KUWAZAWA Takuya, ok tb@

8 months agosimplify bit shift; avoids shifting into int sign bit
jsg [Tue, 23 Apr 2024 04:12:53 +0000 (04:12 +0000)]
simplify bit shift; avoids shifting into int sign bit
ok kettenis@ miod@

8 months agonewsyslog: allow the F flag to be used on its own.
millert [Mon, 22 Apr 2024 14:20:35 +0000 (14:20 +0000)]
newsyslog: allow the F flag to be used on its own.
Fixes a conditional that lacked a check for 'F' or 'f'.
From Alvar Penning.

8 months agofix indentation and remove uneeded braces
jsg [Mon, 22 Apr 2024 14:19:48 +0000 (14:19 +0000)]
fix indentation and remove uneeded braces
feedback and ok tb@

8 months agomark the "signal" field as optional; from alvar penning
jmc [Mon, 22 Apr 2024 14:16:14 +0000 (14:16 +0000)]
mark the "signal" field as optional; from alvar penning
ok millert

8 months agosndiod: Use the channel mapping code of aucat
ratchov [Mon, 22 Apr 2024 14:11:35 +0000 (14:11 +0000)]
sndiod: Use the channel mapping code of aucat

For now sndiod uses only a subset of the available channel mappings.
It gives the same result as the previous one, but having the same
in both programs makes code review and testing easier.

8 months agoShow pf fragment reassembly counters.
bluhm [Mon, 22 Apr 2024 13:30:22 +0000 (13:30 +0000)]
Show pf fragment reassembly counters.

Framgent count and statistics are stored in struct pf_status.  From
there pfctl(8) and systat(1) collect and show them.  Note that pfctl
-s info needs the -v switch to show fragments.  As fragment reassembly
has its own mutex, also grab this in pf ipctl(2) and sysctl(2) code.

input claudio@; OK henning@

8 months agoaucat: Use a 24-bit table for index to volume conversion
ratchov [Mon, 22 Apr 2024 12:32:51 +0000 (12:32 +0000)]
aucat: Use a 24-bit table for index to volume conversion

8 months agoaucat: Fix comments, from similar comments fixes in sndiod
ratchov [Mon, 22 Apr 2024 12:21:49 +0000 (12:21 +0000)]
aucat: Fix comments, from similar comments fixes in sndiod

8 months agosndiod: Use a 24-bit table for index to volume conversion.
ratchov [Mon, 22 Apr 2024 11:07:42 +0000 (11:07 +0000)]
sndiod: Use a 24-bit table for index to volume conversion.

8 months agosndiod: Use resampling algorithm from aucat
ratchov [Mon, 22 Apr 2024 11:01:02 +0000 (11:01 +0000)]
sndiod: Use resampling algorithm from aucat

sndiod doesn't use partial blocks as aucat, but having the same
algorithm makes code review and testing easier.

8 months agosndiod: Drop duplicate prototype of dev_new()
ratchov [Mon, 22 Apr 2024 10:57:36 +0000 (10:57 +0000)]
sndiod: Drop duplicate prototype of dev_new()

8 months agosndioctl: Remove assert about duplicate controls
ratchov [Mon, 22 Apr 2024 10:49:01 +0000 (10:49 +0000)]
sndioctl: Remove assert about duplicate controls

On the sndiod(8) side device controls are not ordered. While switching
from one device to another, a new control (of the new device) may
appear before an old control with the same name is removed. As
discussed in sioctl_open(3), once the full description increment is
fetched (i.e. the call-back is invoked with NULL sioctl_desc
structure) the representation of the control set is consistent.

8 months agosndiod: Hide forgotten debug printfs
ratchov [Mon, 22 Apr 2024 10:43:55 +0000 (10:43 +0000)]
sndiod: Hide forgotten debug printfs

8 months agosndiod: Call ctlslot->ops->sync() after every control update
ratchov [Mon, 22 Apr 2024 10:43:16 +0000 (10:43 +0000)]
sndiod: Call ctlslot->ops->sync() after every control update

This ensures that the final NULL sioctl_ondesc() call-back
call is not lost.

8 months agosndiod: Make opt_setdev() return 1 if the device was accepted
ratchov [Mon, 22 Apr 2024 10:42:04 +0000 (10:42 +0000)]
sndiod: Make opt_setdev() return 1 if the device was accepted

8 months agosndiod: Return the number of controls ctl_del() has deleted.
ratchov [Mon, 22 Apr 2024 10:39:51 +0000 (10:39 +0000)]
sndiod: Return the number of controls ctl_del() has deleted.

8 months agoIn state IDLE handle EVNT_STOP and stop the IdleHold timer. This way
claudio [Mon, 22 Apr 2024 09:43:11 +0000 (09:43 +0000)]
In state IDLE handle EVNT_STOP and stop the IdleHold timer. This way
a down of an idle connection will properly stop the session.

OK tb@ (as part of larger diff)

8 months agoMove setting of the shutdown reason to session_stop()
claudio [Mon, 22 Apr 2024 09:36:04 +0000 (09:36 +0000)]
Move setting of the shutdown reason to session_stop()

Also make sure that something is logged when a session is stopped.
Part of a bigger diff which was OK tb@

8 months agoNo longer fall back to no capabilities when there is an OPEN/optional
claudio [Mon, 22 Apr 2024 08:53:59 +0000 (08:53 +0000)]
No longer fall back to no capabilities when there is an OPEN/optional
attribute error.

BGP more and more relies on capabilities, automatically clearing them
all no longer seems the right choice. Now operators need to adjust the
config explicitly to allow such connections.
From a larger diff which is OK tb@

8 months agoInstead of unhooking libssl/client regress tests, flag them as expected
anton [Mon, 22 Apr 2024 07:31:54 +0000 (07:31 +0000)]
Instead of unhooking libssl/client regress tests, flag them as expected
to fail.

ok tb@

8 months agoSprinkle experimental into regress so they compile
claudio [Mon, 22 Apr 2024 05:54:01 +0000 (05:54 +0000)]
Sprinkle experimental into regress so they compile
Reported by anton@

8 months agoremove space at eol
jsg [Mon, 22 Apr 2024 02:30:23 +0000 (02:30 +0000)]
remove space at eol

8 months agoP-256 support is experimental so require -x to enable it.
claudio [Sun, 21 Apr 2024 19:27:44 +0000 (19:27 +0000)]
P-256 support is experimental so require -x to enable it.

Also clean up the externs a little bit by moving experimental and noop
to extern.h.
Reminded by and OK tb@

8 months agoPass advertising router to the kernel.
florian [Sun, 21 Apr 2024 17:33:05 +0000 (17:33 +0000)]
Pass advertising router to the kernel.

We are using the ifra_dstaddr for this because it will always be
unused with autoconf addresses since they can't be used on P2P links.

OK bluhm

8 months agoImplement rule 5.5 of RFC 6724 (Default Address Selection for IPv6)
florian [Sun, 21 Apr 2024 17:32:10 +0000 (17:32 +0000)]
Implement rule 5.5 of RFC 6724 (Default Address Selection for IPv6)

Rule 5.5: Prefer addresses in a prefix advertised by the next-hop.

For this we have to track the (link-local) address of the advertising
router per interface address and compare it with the selected route.

Rule 5.5 is useful in multi-homing setups where we have more than one
prefix and default router. We have to use the source address with the
correct default gateway otherwise traffic is likely going to be
dropped because of BCP 38.

While here refactor in6_update_ifa() a bit to make the code clearer
and consistently use (var & flag) instead of (var & flag) != 0.

Patiently reviewed by & OK bluhm.

8 months agounwrap line
tb [Sun, 21 Apr 2024 13:41:14 +0000 (13:41 +0000)]
unwrap line

8 months agoRemove file without the now mandatory signing-time attribute
tb [Sun, 21 Apr 2024 10:13:37 +0000 (10:13 +0000)]
Remove file without the now mandatory signing-time attribute

8 months agoMandate presence of CMS signing-time and disallow binary-signing-time
job [Sun, 21 Apr 2024 09:03:22 +0000 (09:03 +0000)]
Mandate presence of CMS signing-time and disallow binary-signing-time

RFC-to-be draft-ietf-sidrops-cms-signing-time updates RFC 6488 by
mandating the presence of the CMS signing-time attribute and disallowing
the use of the CMS binary-signing-time attribute in RPKI Signed Objects.
The ecosystem has behaved this way for a number of years now.

Flip from warning to erroring for non-compliant objects.

OK tb@

8 months agoDisplay distinct errors for various problematic CRL/MFT situationships
job [Sat, 20 Apr 2024 15:45:41 +0000 (15:45 +0000)]
Display distinct errors for various problematic CRL/MFT situationships

RFC 6487 section 8 specifies only a single CRL is issued at a time, so
error when multiple .crl files are listed in a Manifest's FileList.

The CRLDP extension identifies the location of the CRL, so the CRL's
filename must match the CA's CRLDP's 'rsync://' entry, error if that
isn't the case. (RFC 6486 section 4.8.6)

with & OK tb@

8 months agoRemove more unnecessary GOST code
tb [Sat, 20 Apr 2024 10:11:55 +0000 (10:11 +0000)]
Remove more unnecessary GOST code

ok jsing

8 months agoregen
jsg [Sat, 20 Apr 2024 08:54:29 +0000 (08:54 +0000)]
regen

8 months agoadd Ryzen 8040 "Hawk Point" ids
jsg [Sat, 20 Apr 2024 08:54:01 +0000 (08:54 +0000)]
add Ryzen 8040 "Hawk Point" ids

found in AMD Software: Adrenalin Edition 24.3.1
functionally the same as Ryzen 7040 "Phoenix"

8 months agoMake regress mpath more reliable.
bluhm [Fri, 19 Apr 2024 22:20:36 +0000 (22:20 +0000)]
Make regress mpath more reliable.

Create 100 IP addresses and 100 multipath routes.  Then the test
can expect a better distribution of routes that are actually used.

OK anton@