claudio [Tue, 4 Sep 2018 10:48:39 +0000 (10:48 +0000)]
Instead of bzero() use an assinment to zero struct in_addr.
eric [Tue, 4 Sep 2018 10:08:22 +0000 (10:08 +0000)]
remove unused flags
cheloha [Tue, 4 Sep 2018 02:38:25 +0000 (02:38 +0000)]
kevent: Don't poll for nonzero timeouts < 1us.
Instead of truncating nanosecond timeouts to zero here and polling, we
should round up to a delay of at least a tick, just like all the other
timespec syscalls.
Fixed in NetBSD kern_event.c v1.62 and FreeBSD r247804.
ok millert@ visa@
bcallah [Mon, 3 Sep 2018 22:12:37 +0000 (22:12 +0000)]
Remove bits about MODMONO_NANT in the lang/mono section; devel/nant does
not exist anymore.
ok jca@ daniel@
jcs [Mon, 3 Sep 2018 19:52:51 +0000 (19:52 +0000)]
regen
jcs [Mon, 3 Sep 2018 19:51:48 +0000 (19:51 +0000)]
add another toshiba nvme
gilles [Mon, 3 Sep 2018 19:01:29 +0000 (19:01 +0000)]
simplify the smtp_command() function by splitting cmd handlers into
two sets of functions smtp_check_<verb> and smtp_proceed_<verb>. we
use the check functions to validate that verb is acceptable at this
point of a session and proceed to actually move the session forward
ok eric@
jsing [Mon, 3 Sep 2018 18:00:50 +0000 (18:00 +0000)]
Stop using composite EVP_CIPHER AEADs.
The composite AEADs are "stitched" mode ciphers, that are only supported on
some architectures/CPUs and are designed to be faster than a separate
EVP_CIPHER and EVP_MD implementation. The three AEADs are used for less
than ideal cipher suites (if you have hardware support that these use
there are better cipher suite options), plus continuing to support AEADs
via EVP_CIPHER is creating additional code complexity.
ok inoguchi@ tb@
jsing [Mon, 3 Sep 2018 17:45:24 +0000 (17:45 +0000)]
Stop handling AES-GCM via ssl_cipher_get_evp().
All of the AES-GCM ciphersuites use the EVP_AEAD interface, so there is no
need to support them via EVP_CIPHER.
ok inoguchi@ tb@
gilles [Mon, 3 Sep 2018 17:41:55 +0000 (17:41 +0000)]
bump max line size
ok eric@
jsing [Mon, 3 Sep 2018 17:41:13 +0000 (17:41 +0000)]
Clean up SSL_DES and SSL_IDEA remnants.
All ciphersuites that used these encryption algorithms were removed some
time ago.
ok bcook@ inoguchi@ tb@
jmc [Mon, 3 Sep 2018 13:27:43 +0000 (13:27 +0000)]
document "wrapper" in the local section; from matt schwartz
ok gilles
while here, fix some spelling at eol whitespace introduced in previous;
eric [Mon, 3 Sep 2018 11:48:27 +0000 (11:48 +0000)]
use new smarthost syntax in log message
eric [Mon, 3 Sep 2018 11:30:14 +0000 (11:30 +0000)]
Update and document syntax for smarthost string in smtpd.conf:
- the +auth specifier is removed: it is implied by the presence of an
auth label in the rest of the string
- secure:// is removed: use smtp+tls:// or smtps://
- tls:// is replaced by smtp+tls://
- smtp:// becomes SMTP with opportunistic STARTTLS
- smtp+tls:// becomes SMTP with mandatory STARTTLS
Adjust your config file accordingly.
ok gilles@
nicm [Mon, 3 Sep 2018 08:51:43 +0000 (08:51 +0000)]
Allow a large line number to go to the end with goto-line, from Mark
Kelly in GitHub issue 1460.
nicm [Mon, 3 Sep 2018 08:47:27 +0000 (08:47 +0000)]
Fix selection test, from Takeshi Banse.
miko [Mon, 3 Sep 2018 05:37:32 +0000 (05:37 +0000)]
Remove round_buffersize function from drivers using the default buffersize
provided by the upper layer audio driver.
ok ratchov@
gilles [Sun, 2 Sep 2018 21:06:44 +0000 (21:06 +0000)]
mailaddr matching was working for the exact and domain match, but not when
only a user-part was supplied.
ok millert@ and eric@
tb [Sun, 2 Sep 2018 20:29:01 +0000 (20:29 +0000)]
Remove a few unnecessary casts
bluhm [Sun, 2 Sep 2018 20:09:29 +0000 (20:09 +0000)]
Print SKIPPED if package wycheproof-testvectors is missing. This
is the magic string that is recognized by my test framework.
OK tb@
tb [Sun, 2 Sep 2018 17:29:17 +0000 (17:29 +0000)]
Remove ECDH from TODO list. Done!
tb [Sun, 2 Sep 2018 17:28:01 +0000 (17:28 +0000)]
Unify FAIL printfs.
tb [Sun, 2 Sep 2018 17:24:02 +0000 (17:24 +0000)]
After libcrypto/ecdh/ech_key.c -r1.8 fixed the failing test cases, remove
two noisy INFO and reorder things a bit.
tb [Sun, 2 Sep 2018 17:20:31 +0000 (17:20 +0000)]
Elliptic curve arithmetic only makes sense between points that belong to
the same curve. Some Wycheproof tests violate this assumption, making
ECDH_compute_key() compute and return garbage. Check that pub_key lies
on the curve of the private key so that the calculations make sense.
Most paths that get here have this checked (in particular those from
OpenSSH and libssl), but one might get here after using d2i_* or manual
computation.
discussed with & ok jsing;
"good catch!" markus
tb [Sun, 2 Sep 2018 17:12:01 +0000 (17:12 +0000)]
Run Wycheproof ECDH tests against libcrypto. Some tests currently fail,
will be fixed with the next commit to libcrypto.
tb [Sun, 2 Sep 2018 17:05:51 +0000 (17:05 +0000)]
Use a Boolean rather than repeated string comparison.
bluhm [Sun, 2 Sep 2018 14:32:12 +0000 (14:32 +0000)]
Document how SIGHUP and log rotation works with syslogd(8). Do not
mention the PID file. While there, use .Nm consistently.
wording from schwarze@; deraadt@ cheloha@ millert@ agree
jsg [Sun, 2 Sep 2018 08:28:05 +0000 (08:28 +0000)]
update tradcpp to 0.5.2
ok miko@ bcallah@ deraadt@
landry [Sun, 2 Sep 2018 08:14:25 +0000 (08:14 +0000)]
Update nmea(4) wrt talker ids.
Prodded by semarie@, reworded by jmc@
gilles [Sat, 1 Sep 2018 21:20:32 +0000 (21:20 +0000)]
properly deal with MAILER-DAEMON sender in LMTP
reported and fix tested by Mark Kane
jcs [Sat, 1 Sep 2018 20:50:16 +0000 (20:50 +0000)]
Match on interfaces with Digitizers/Touchscreen collections, as long
as they have an X usage.
Should get basic touchscreen functionality on some common
HID-over-i2c devices like laptops.
jcs [Sat, 1 Sep 2018 20:48:00 +0000 (20:48 +0000)]
For touchscreen devices, use the first HUG_X/Y usage pages found
when looking for logical min/max of screen.
ok kettenis
gilles [Sat, 1 Sep 2018 19:56:28 +0000 (19:56 +0000)]
clarify the forward-only delivery action
remi [Sat, 1 Sep 2018 19:21:10 +0000 (19:21 +0000)]
Prevent ospf6d from starting when another process is listening on the
control socket.
ok florian@
bluhm [Sat, 1 Sep 2018 18:09:14 +0000 (18:09 +0000)]
Accidentally relayd(8) closed file descriptor 0 in the pfe child
process. If env->sc_snmp is initialized with 0, snmp_init() closes
it. Set it to -1 to prevent the close(2).
OK reyk@ benno@ millert@
deraadt [Sat, 1 Sep 2018 17:02:12 +0000 (17:02 +0000)]
Fix errno for post-lock unveil calls
from Jan Klemkow
krw [Sat, 1 Sep 2018 16:55:29 +0000 (16:55 +0000)]
Remove 'overlap_allowance' parameter from bootstrap().
It was added to support Vax. Vax is dead Jim.
ok deraadt@
tb [Sat, 1 Sep 2018 16:23:15 +0000 (16:23 +0000)]
Tweak comment.
miko [Sat, 1 Sep 2018 12:03:31 +0000 (12:03 +0000)]
sync fatalx() message between smtp_client_{state,response}; ok stsp@ gilles@
stsp [Sat, 1 Sep 2018 08:20:56 +0000 (08:20 +0000)]
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network
selection algorithm (apart from disabling the feature by clearing
the join list). Automatic selection is based on heuristics which
cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were
both visible in the scan and only 'nwid foo' was a member of the
join list, then there was no way at all to connect to 'nwid bar'.
The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic
network selection and force the use of ESSID 'bar'.
Any of these commands will re-enable automatic network selection:
ifconfig iwm0 -nwid
ifconfig iwm0 nwid ''
ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
jmc [Sat, 1 Sep 2018 06:27:32 +0000 (06:27 +0000)]
update currency exchange rates;
landry [Sat, 1 Sep 2018 06:09:26 +0000 (06:09 +0000)]
Recognize more talker IDs when parsing NMEA RMC messages
The NMEA 0183 standard says that the first two chars correspond to the
'source' of the message, right now we were only looking for 'GP' prefix
for 'GPS', but this can also be 'GL' for Glonass, 'BD' for BeiDou, 'GA'
for Galileo, or 'GN' for a generic GNSS source.
Match the RMC messages from all those variants, with this i'm able to
use my navilock nl-8002u (which uses GNRMC) as a timedelta sensor for
ntpd, and i have my GPS position in the nmea(4) sensors.
ok deraadt@
tb [Sat, 1 Sep 2018 05:57:23 +0000 (05:57 +0000)]
Remove RSA-PSS from todo-list
tb [Sat, 1 Sep 2018 05:56:24 +0000 (05:56 +0000)]
Run Wycheproof RSASSA-PSS testvectors against libcrypto.
jmatthew [Fri, 31 Aug 2018 22:35:01 +0000 (22:35 +0000)]
jmc points out that the Nd should match the description in pci(4)
bluhm [Fri, 31 Aug 2018 19:06:08 +0000 (19:06 +0000)]
Unsetting Initialized during syslogd die() is a relic from the time
when we had real signal handlers. But now we use libevent, so
remove the old logic.
OK deraadt@ millert@
deraadt [Fri, 31 Aug 2018 18:45:02 +0000 (18:45 +0000)]
the main process must chdir to /, since it cannot have daemon() do the
job at startup. After much anguish I accept dlg's solution of chdir
for the problem ("starting ntpd on a filesystem I want to unmount"),
but we cannot change the main-process daemon() call. Why? Because
the ntpd privsep design predates more modern designs where the config
file is parsed once, and configuration marshalled to the fork+exec
children. Instead each ntpd process re-parses the config, and if
we chdir before fork+exec startup, it will move the basedir causing
-f "relativepath" to fail.
discussed with florian
jsing [Fri, 31 Aug 2018 18:31:34 +0000 (18:31 +0000)]
Remove unused argument to tls1_change_cipher_state_cipher().
tb [Fri, 31 Aug 2018 17:35:21 +0000 (17:35 +0000)]
Instead of enumerating the files to clean by hand, set PROGS=${TESTS}.
Suggested by jsing
miko [Fri, 31 Aug 2018 16:32:31 +0000 (16:32 +0000)]
remove shadow variables for 'error' in usbioctl(); ok mpi@ ratchov@
naddy [Fri, 31 Aug 2018 15:56:42 +0000 (15:56 +0000)]
clarify that patterns are extended regular expressions; ok millert@ phessler@
yasuoka [Fri, 31 Aug 2018 15:18:02 +0000 (15:18 +0000)]
Dont print "default" for "0.0.0.0" if it is a host route.
diff from asou at soum.co.jp
ok claudio kn
mpi [Fri, 31 Aug 2018 12:55:46 +0000 (12:55 +0000)]
Cadd a TDB `tdb' instead of `sa'.
No functionnal change.
ok deraadt@, bluhm@, visa@
bluhm [Fri, 31 Aug 2018 11:57:04 +0000 (11:57 +0000)]
Pass the correct size to free(9) in the error path of db_ctf_decompress().
OK jasper@
eric [Fri, 31 Aug 2018 07:28:27 +0000 (07:28 +0000)]
switch to improved incoming message parser:
- simpler interface not using callbacks
- no hard-coded line length
- avoid unnecessary string copy
ok gilles@
miko [Fri, 31 Aug 2018 07:18:18 +0000 (07:18 +0000)]
ich variable is only used in DPRINTF() and uaudio_get_cluster_nchan()
has no side effect, so setting value for ich can be moved under
UAUDIO_DEBUG.
ok ratchov
jsg [Fri, 31 Aug 2018 05:20:36 +0000 (05:20 +0000)]
fix fd leak in an error path
ok mpi@
visa [Fri, 31 Aug 2018 04:20:37 +0000 (04:20 +0000)]
Move kcov device definitions into <sys/conf.h>.
OK anton@ deraadt@ kettenis@ mpi@
jcs [Fri, 31 Aug 2018 02:32:57 +0000 (02:32 +0000)]
sync
jcs [Fri, 31 Aug 2018 02:32:29 +0000 (02:32 +0000)]
Add more uhid devices, 8 total
ok deraadt
jmatthew [Fri, 31 Aug 2018 00:10:20 +0000 (00:10 +0000)]
mention bnxt(4)
jmatthew [Fri, 31 Aug 2018 00:09:13 +0000 (00:09 +0000)]
enable bnxt(4)
bluhm [Thu, 30 Aug 2018 19:34:37 +0000 (19:34 +0000)]
Use correct environment variable to access remote machine.
tb [Thu, 30 Aug 2018 18:36:59 +0000 (18:36 +0000)]
Make sure to clean up the .d files with 'make clean'
jsing [Thu, 30 Aug 2018 16:56:16 +0000 (16:56 +0000)]
Nuke ssl_pending/ssl_shutdown function pointers.
ssl3_pending() is used for all protocols and dtls1_shutdown() just calls
ssl3_shutdown(), so just call the appropriate function directly instead.
ok beck@ inoguchi@ tb@
patrick [Thu, 30 Aug 2018 14:39:46 +0000 (14:39 +0000)]
Move .dynstr before _edata to fix image size calculation. The PE
header contains an image size field that is calculated using the
difference between the start of the header and edata. Since we
copy out .dynstr into the EFI binary, make sure that .dynstr is
before edata so that it's included in the image size. This makes
it consistent with efiboot on armv7.
ok kettenis@
krw [Thu, 30 Aug 2018 13:07:19 +0000 (13:07 +0000)]
Practice safe free()'ing by setting alloc to NULL to
prevent double free.
Spotted by jsg@, simpler fix by myself and miko@.
ok jsg@
krw [Thu, 30 Aug 2018 12:30:08 +0000 (12:30 +0000)]
Never let FS_RAID partition be named, a.k.a. given a mount point.
Nuke pointless and inconsistant error message before one get_mp()
invocation.
ok otto@
jsg [Thu, 30 Aug 2018 12:25:40 +0000 (12:25 +0000)]
fix double free in mib_carpgroupget() error path
ok claudio@ miko@
jsg [Thu, 30 Aug 2018 12:14:30 +0000 (12:14 +0000)]
fix memory leak in an error path
ok patrick@
eric [Thu, 30 Aug 2018 11:58:01 +0000 (11:58 +0000)]
fix use-after-free
spotted by jsg@
input from jsg@ miko@
jmatthew [Thu, 30 Aug 2018 11:18:21 +0000 (11:18 +0000)]
Set up an aggregation buffer ring and configure placement mode so data
that doesn't fit in the rx buffer goes into an aggregation buffer,
allowing jumbo frames to be received. Using 8k aggregation buffers
means we'll only ever need one per packet.
When receiving jumbos, sometimes we get an interrupt before all three
of the completion events are ready, in which case we should not consume
the events that are ready. Expanding the completion ring makes this
happen less frequently, so allocate four cp ring pages instead of one.
kettenis [Thu, 30 Aug 2018 10:11:34 +0000 (10:11 +0000)]
Move softbutton check before the check that skips attaching certain acpi
devices. Fixes regression caused by matching on _CID in addition to
matching on _HID.
ok matthieu@, mlarkin@
claudio [Thu, 30 Aug 2018 08:30:05 +0000 (08:30 +0000)]
Use past tense for treated as withdrawn since the withdraw happened in the past.
From and with jmc@
anton [Thu, 30 Aug 2018 06:16:30 +0000 (06:16 +0000)]
Remove dead code related to tty allocation for ptys. Back in revision 1.17 of
kern/tty_pty.c, allocation of ptys was made dynamic with the introduction of
check_pty(). Every time a new struct pty is allocated its corresponding struct
tty is also allocated. It's therefore no longer necessary to ensure that a pty
has a tty allocated after calling check_pty().
ok deraadt@ millert@ mpi@ visa@
visa [Thu, 30 Aug 2018 03:30:25 +0000 (03:30 +0000)]
Split the system-wide list of all futexes into process-specific lists
of private futexes and a shared list of shared futexes. This speeds up
futex lookups.
Tested by and OK krw@
OK mpi@
jcs [Thu, 30 Aug 2018 03:26:08 +0000 (03:26 +0000)]
/dev/usbN devices no longer support poll as of 2011 when "USB
events" were ripped out, so remove the sentence about monitoring for
USB device attachment to avoid filling developers with hope only to
crush their spirit when they implement the poll code only to find
out it doesn't do anything at all.
yasuoka [Thu, 30 Aug 2018 01:32:53 +0000 (01:32 +0000)]
Fix "route add 0.0.0.0/0 <gateway>" to work properly. Shift count
beyonds the integer width results undefined behavior in C spec.
Actually the count is masked by 0x1f on amd64. Found by asou at
soum.co.jp
ok claudio kn schwarze
kettenis [Wed, 29 Aug 2018 20:18:14 +0000 (20:18 +0000)]
Remove unused struct member.
ok deraadt@, mlarkin@
claudio [Wed, 29 Aug 2018 19:52:23 +0000 (19:52 +0000)]
Introduce 'bgpctl show rib error' to show all prefixes that got flagged
invalid because of a soft parsing error. These prefixes are never eligible
or valid but the listing may help to understand what is going on.
'bgpctl show rib error' run automatically on Adj-RIB-In since that is the only
RIB that has such prefixes.
OK sthen@ denis@
claudio [Wed, 29 Aug 2018 19:47:47 +0000 (19:47 +0000)]
Make it possible to filter the RIB for invalid path which resulted in withdrawn
prefixes. This way it should be possible to inspect which prefixes have been
removed. While there also fix dumping of the Adj-RIB-In when requested to do so.
OK sthen@ denis@
tb [Wed, 29 Aug 2018 19:22:32 +0000 (19:22 +0000)]
AES is now done also.
tb [Wed, 29 Aug 2018 19:20:22 +0000 (19:20 +0000)]
Pass algorithm as a string to all *TestGroup functions for consistency.
tb [Wed, 29 Aug 2018 19:18:20 +0000 (19:18 +0000)]
Run Wycheproof AES-GCM testvectors against libcrypto.
tb [Wed, 29 Aug 2018 19:00:41 +0000 (19:00 +0000)]
Calculate and check tag during AES-CCM encryption test.
tb [Wed, 29 Aug 2018 18:59:22 +0000 (18:59 +0000)]
typo
tb [Wed, 29 Aug 2018 18:58:46 +0000 (18:58 +0000)]
Don't fatal on keys of invalid sice, just print an INFO.
nicm [Wed, 29 Aug 2018 18:54:23 +0000 (18:54 +0000)]
Reset line flag when clearing selection, GitHub issue 1454.
eric [Wed, 29 Aug 2018 17:56:17 +0000 (17:56 +0000)]
clean up the imsg structure for getnameinfo lookup results.
fix a crash with ill-configured reverse address.
found by jturner@
ok jturner@ gilles@
anton [Wed, 29 Aug 2018 17:47:07 +0000 (17:47 +0000)]
recognize kcov ioctl commands; ok deraadt@ mpi@ visa@
robert [Wed, 29 Aug 2018 15:56:46 +0000 (15:56 +0000)]
make ld.so build reproducible by including a FILE symbol and by removing
-x from ld; this is only used for syspatch creation so builds are still
randomized just as before
ok guenther@
jca [Wed, 29 Aug 2018 13:47:19 +0000 (13:47 +0000)]
Better description for inet6 eui64, plus consistency tweaks
from Callum R. Davies, ok jmc@
claudio [Wed, 29 Aug 2018 11:46:28 +0000 (11:46 +0000)]
When 'log updates' is enabled make sure that the case of an invalid path
can be distinguished from a withdraw that was caused by a deny filter.
OK sthen@
claudio [Wed, 29 Aug 2018 11:43:15 +0000 (11:43 +0000)]
When checking for AS 0 make sure the full ASPATH is validated and don't
return on the first 0. The other AS_ERR_SOFT cases do the same and ensure
that an ASPATH with an AS_ERR_SOFT is still valid enough for subsequent
manipulation or inspection.
OK benno@
krw [Wed, 29 Aug 2018 11:30:48 +0000 (11:30 +0000)]
Historically /etc/netstart (and the equivalent code in the install
script) did 'ifconfig <if> down' before starting dhclient(8). This was
a way of ensuring old running copies of dhclient were killed before a
new one started. Current dhclient does not need this assist, so change
"ifconfig <if> down" to "ifconfig <if> up" pending further script
optimizations.
Similar to a 2014 attempt by halex@. Prompted by a misc@ report
from Kristjan Komlosi reporting hanging diskless setups.
ok halex@ kn@
nicm [Wed, 29 Aug 2018 09:50:32 +0000 (09:50 +0000)]
Keep any text killed in the command prompt with C-w and yank it with
C-y, only use the top buffer if no text has previously been killed. This
and previous change promped by discussion with kn@.
nicm [Wed, 29 Aug 2018 08:56:51 +0000 (08:56 +0000)]
Add C-Left and C-Right as aliases for M-b and M-f.
claudio [Wed, 29 Aug 2018 08:51:49 +0000 (08:51 +0000)]
Adjust comment to make it clear that a NULL nexthop is actually eligable
remi [Wed, 29 Aug 2018 08:43:16 +0000 (08:43 +0000)]
Prevent ospfd from starting if another ospfd is already using the same
socket. The check on the control socket happens early so that the rc
scripts detect a failure.
OK claudio@ florian@
reyk [Wed, 29 Aug 2018 07:50:16 +0000 (07:50 +0000)]
Add set-case-replaced to toggle case-preserving replace on or off.
By default, replacing "foo" with "bar" turns "FOO" into "BAR".
With case-replace turned off, "FOO" will turn into "bar".
OK florian@ tb@