openbsd
5 months agoIntroduce a ring buffer for log_sockaddr() this way log_addr() can be
claudio [Wed, 29 May 2024 10:34:07 +0000 (10:34 +0000)]
Introduce a ring buffer for log_sockaddr() this way log_addr() can be
used more then once in a log message (e.g. log_peer_warnx + log_addr.
OK henning@ sthen@

5 months agodocument qwx(4) caveats and known bugs
stsp [Wed, 29 May 2024 09:04:12 +0000 (09:04 +0000)]
document qwx(4) caveats and known bugs

5 months agofix WEP on athn(4) USB hostap
stsp [Wed, 29 May 2024 07:27:33 +0000 (07:27 +0000)]
fix WEP on athn(4) USB hostap

Deferring installation of software crypto keys to a task context is
not needed and results in race conditions that trigger the infamous
"key not installed for sw crypto" panic.

5 months agorepair qwx(4) WEP and TKIP via software crypto
stsp [Wed, 29 May 2024 07:24:26 +0000 (07:24 +0000)]
repair qwx(4) WEP and TKIP via software crypto

It is difficult to make WEP and WPA1/TKIP work with hardware crypto.
Add a comment which explains why.

Ensure that setkey task state is properly cleared when the interface
goes down. This issue was found while trying to add WEP keys for hw
crypto, but is still worth fixing in general.

Also, use m_makespace to append trailing padding for the MIC when
hardware crypto is used in combination with "raw" frame mode (not
the default), instead of blindly adjusting m_len.

ok kevlo@

5 months agoregen
jsg [Wed, 29 May 2024 06:49:38 +0000 (06:49 +0000)]
regen

5 months agoanother apple bluetooth; from jon@elytron.openbsd.amsterdam
jsg [Wed, 29 May 2024 06:48:43 +0000 (06:48 +0000)]
another apple bluetooth; from jon@elytron.openbsd.amsterdam

5 months agoindent with tabs not spaces; from jon@elytron.openbsd.amsterdam
jsg [Wed, 29 May 2024 06:39:13 +0000 (06:39 +0000)]
indent with tabs not spaces; from jon@elytron.openbsd.amsterdam

5 months agoremove externs with no matching var
jsg [Wed, 29 May 2024 01:11:53 +0000 (01:11 +0000)]
remove externs with no matching var

5 months agoremove prototypes with no matching function
jsg [Wed, 29 May 2024 00:48:14 +0000 (00:48 +0000)]
remove prototypes with no matching function

5 months agodocument MODPY_COMPILEALL, MODPY_PYTEST_USERARGS
sthen [Tue, 28 May 2024 16:05:39 +0000 (16:05 +0000)]
document MODPY_COMPILEALL, MODPY_PYTEST_USERARGS

5 months agoTest that invalid operations push the X509V3_R_UNSUPPORTED_OPTION error
tb [Tue, 28 May 2024 15:42:09 +0000 (15:42 +0000)]
Test that invalid operations push the X509V3_R_UNSUPPORTED_OPTION error

5 months agoClean up and fix X509V3_EXT_add1_i2d()
tb [Tue, 28 May 2024 15:40:38 +0000 (15:40 +0000)]
Clean up and fix X509V3_EXT_add1_i2d()

When looking at this code I noticed a few leaks. Fixing those leaks
was straightforward, but following the code was really hard.

This attempts to make the logic a bit clearer. In short, there are
6 mutually exclusive modes for this function (passed in the variable
aptly called flags). The default mode is to append the extension of
type nid and to error if such an extension already exists. Then there
are other modes with varying degree of madness.

The existing code didn't make X509V3_ADD_REPLACE explicit, which is
confusing. Operations 6-15 would all be treated like X509V3_ADD_REPLACE
due to the way the function was written. Handle the supported operations
via a switch and error for operations 6-15. This and the elimination
of leaks are the only changes of behavior, as validated by relatively
extensive test coverage.

ok jsing

5 months agoAdd regress coverage for X509V3_add1_i2d()
tb [Tue, 28 May 2024 15:33:35 +0000 (15:33 +0000)]
Add regress coverage for X509V3_add1_i2d()

5 months agoRework the pmap ASID handling to not require the SCHED_LOCK
claudio [Tue, 28 May 2024 15:16:45 +0000 (15:16 +0000)]
Rework the pmap ASID handling to not require the SCHED_LOCK

The ASID lookup code already uses its own mutex (pmap_asid_mtx)
and this mutex is enough to ensure that pmap_rollover_asid()
is safe. Now only the generation number check in pmap_setttb()
is done without the lock but the update of the pmap_asid_gen
is now atomic so using READ_ONCE there is enough.

OK kettenis@ mpi@

5 months agoremove outdated zlib version information
tb [Tue, 28 May 2024 13:42:06 +0000 (13:42 +0000)]
remove outdated zlib version information

from jan stary
fine with jmc

5 months agoremove space between function names and argument list
jsg [Tue, 28 May 2024 13:21:13 +0000 (13:21 +0000)]
remove space between function names and argument list

5 months agoreturn type on a dedicated line when declaring functions
jsg [Tue, 28 May 2024 13:02:45 +0000 (13:02 +0000)]
return type on a dedicated line when declaring functions
ok stsp@

5 months agoremove maxmem extern, var removed from all archs long ago
jsg [Tue, 28 May 2024 12:50:23 +0000 (12:50 +0000)]
remove maxmem extern, var removed from all archs long ago

5 months agoremove uvm_swpkeyexpire extern for var we never had
jsg [Tue, 28 May 2024 12:31:24 +0000 (12:31 +0000)]
remove uvm_swpkeyexpire extern for var we never had

5 months agovio(4): fix jumbo frames
jan [Tue, 28 May 2024 12:11:26 +0000 (12:11 +0000)]
vio(4): fix jumbo frames

vio_rx_offload() was called too early.  So, the consistency checks
of ether_extact() cause wrong packet detection and wrong checkums.

also tested by bluhm

ok bluhm@

5 months agoGarbage collect sleep_abort(); it doesn't do anything useful anymore.
kettenis [Tue, 28 May 2024 09:40:40 +0000 (09:40 +0000)]
Garbage collect sleep_abort(); it doesn't do anything useful anymore.

ok deraadt@, mlarkin@

5 months agocpu_emergency_disable() was only used by mvme88k and can be removed now.
claudio [Tue, 28 May 2024 09:27:54 +0000 (09:27 +0000)]
cpu_emergency_disable() was only used by mvme88k and can be removed now.

This removes one of the SCHED_LOCK usages in arch.
OK miod@

5 months agoremove unused isa/cs4231var.h
jsg [Tue, 28 May 2024 09:27:08 +0000 (09:27 +0000)]
remove unused isa/cs4231var.h

5 months agofix previous such that firmware crash recovery happens in non-debug builds
stsp [Tue, 28 May 2024 09:26:55 +0000 (09:26 +0000)]
fix previous such that firmware crash recovery happens in non-debug builds

5 months agoRemove the bcmmbox_write(BCMMBOX_CHANPM, ...) call in bcmmbox_attach().
claudio [Tue, 28 May 2024 09:19:04 +0000 (09:19 +0000)]
Remove the bcmmbox_write(BCMMBOX_CHANPM, ...) call in bcmmbox_attach().

This command locks up my RaspberryPi 4 while it seems to have no effect
for other devices. First of all u-boot will already enable power for us
plus it seems that more is needed than just this write to be really
effective. Why my rpi4 locks up is still unclear but this is now a
pure u-boot issue.

Tested by kettenis@ on his working rpi4 and rpi2
OK kettenis@

5 months agoTry to reset qwx(4) devices when firmware crashes and move firmware memory
stsp [Tue, 28 May 2024 09:07:32 +0000 (09:07 +0000)]
Try to reset qwx(4) devices when firmware crashes and move firmware memory
dumping code into QWX_DEBUG because it is only needed by developers.

Spotted by jsg@

5 months agoMake qwx(4) offload TKIP and CCMP crypto to hardware.
stsp [Tue, 28 May 2024 08:34:52 +0000 (08:34 +0000)]
Make qwx(4) offload TKIP and CCMP crypto to hardware.

This reduces CPU load during interrupts, but more importantly works
around an apparent firmware bug where incoming encrypted broadcast
and multicast frames are dropped by firmware if the hardware crypto
engine is unused. (This problem also affects Linux ath11k upstream.)
Offloading CCMP to hardware hence fixes ARP and IPv6 multicast with WPA2.

However, there are known issues with WPA1 and WEP:

While the WPA1 pairwise handshake succeeds, the TKIP group key handshake
fails for unknown reasons, resulting in association failure.

WEP is broken because software crypto is skipped entirely when the driver
uses the "native wifi" frame mode. This results in all packets being sent
in plaintext while WEP is active. In the future, we should be able to fix
this by offloading WEP to hardware as well, or by setting the frame mode
back to "raw" if WEP is used.

If the TKIP/WEP issues affect you badly then take this as an opportunity
to upgrade the access point to WPA2/AES where possible.

Tested by kettenis, kevlo, and myself.
ok kevlo@

5 months agoactually honour the services supported by the proc tables
op [Tue, 28 May 2024 07:10:30 +0000 (07:10 +0000)]
actually honour the services supported by the proc tables

ok gilles@

5 months agouse ansi style function decls to fix build with clang
jsg [Tue, 28 May 2024 05:46:32 +0000 (05:46 +0000)]
use ansi style function decls to fix build with clang

5 months agouse a more up to date example for a checksum example;
jmc [Tue, 28 May 2024 05:09:19 +0000 (05:09 +0000)]
use a more up to date example for a checksum example;
example suggested by/ok djm

5 months agoMove ccb access before ccb_done to avoid a potential use-after-free
jsg [Tue, 28 May 2024 01:37:53 +0000 (01:37 +0000)]
Move ccb access before ccb_done to avoid a potential use-after-free
if pages can be freed from interrupt context.  ok dlg@

5 months agoavoid uninitialised var use when scsi_get_link() returns NULL
jsg [Tue, 28 May 2024 00:24:44 +0000 (00:24 +0000)]
avoid uninitialised var use when scsi_get_link() returns NULL
found by smatch, ok krw@

5 months agoopenssl x509: rename pub_key to dsa_pub_key
tb [Mon, 27 May 2024 16:12:55 +0000 (16:12 +0000)]
openssl x509: rename pub_key to dsa_pub_key

suggested by jsing

5 months agoopenssl: enable -Wshadow for clang
tb [Mon, 27 May 2024 16:11:43 +0000 (16:11 +0000)]
openssl: enable -Wshadow for clang

ok job jsing

5 months agoopenssl: avoid shadowed pkeys in x509.c
tb [Mon, 27 May 2024 16:11:16 +0000 (16:11 +0000)]
openssl: avoid shadowed pkeys in x509.c

ok job jsing

5 months agoRevert NVME_GONE. Literal 0xffffffff is the preferred idiom here.
krw [Mon, 27 May 2024 14:46:26 +0000 (14:46 +0000)]
Revert NVME_GONE. Literal 0xffffffff is the preferred idiom here.

Requested by deraadt@

5 months agoReplace repeated uses of magic number 0xffffffff with nice #define NVME_GONE.
krw [Mon, 27 May 2024 14:18:02 +0000 (14:18 +0000)]
Replace repeated uses of magic number 0xffffffff with nice #define NVME_GONE.
Name taken from FreeBSD.

Add separate #define NVME_TIMO_PT for passthrough command poll timeout. Same
value as the currently reused NVME_TIMO_QOP.

No functional change.

5 months agosync
deraadt [Mon, 27 May 2024 13:27:06 +0000 (13:27 +0000)]
sync

5 months agoUse SCSI xfer timeout value for doorbell register status polling instead of
mglocker [Mon, 27 May 2024 10:27:58 +0000 (10:27 +0000)]
Use SCSI xfer timeout value for doorbell register status polling instead of
an own introduced timeout value.  This fixes an SCSI SYNC command timeout
seen during suspend.

5 months agoSet sc_state to ACPI_STATE_S0 at the end of resume instead of at the start
kettenis [Mon, 27 May 2024 09:31:58 +0000 (09:31 +0000)]
Set sc_state to ACPI_STATE_S0 at the end of resume instead of at the start
such that ACPI resume code can see what state we're resuming from.

ok deraadt@

5 months agoremove unused typedefs with structs that were removed
jsg [Mon, 27 May 2024 09:12:31 +0000 (09:12 +0000)]
remove unused typedefs with structs that were removed

ENGINE, SSL and SSL_CTX remain even though the structs in the typedefs
don't exist as they are used as incomplete types.

feedback, ports bulk build and ok tb@

5 months agoDecode remaining ID_AA64ISAR1_EL1 features.
kettenis [Mon, 27 May 2024 06:20:59 +0000 (06:20 +0000)]
Decode remaining ID_AA64ISAR1_EL1 features.

ok jsg@

5 months agoremove unused xmphyreg.h
jsg [Mon, 27 May 2024 04:58:43 +0000 (04:58 +0000)]
remove unused xmphyreg.h

5 months agoinclude net/if_var.h to make this build
jsg [Mon, 27 May 2024 03:56:59 +0000 (03:56 +0000)]
include net/if_var.h to make this build

5 months agodon't need sys/queue.h here
djm [Mon, 27 May 2024 01:52:26 +0000 (01:52 +0000)]
don't need sys/queue.h here

5 months agodrm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper()
jsg [Mon, 27 May 2024 00:54:00 +0000 (00:54 +0000)]
drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper()

From Srinivasan Shanmugam
c364e7a34c85c2154fb2e47561965d5b5a0b69b1 in linux-6.6.y/6.6.32
b8d55a90fd55b767c25687747e2b24abd1ef8680 in mainline linux

5 months agodrm/amd/display: Fix division by zero in setup_dsc_config
jsg [Mon, 27 May 2024 00:51:31 +0000 (00:51 +0000)]
drm/amd/display: Fix division by zero in setup_dsc_config

From Jose Fernandez
7e4f50dfc98c49b3dc6875a35c3112522fb25639 in linux-6.6.y/6.6.32
130afc8a886183a94cf6eab7d24f300014ff87ba in mainline linux

5 months agoRevert bits that got accidentally committed.
kettenis [Sun, 26 May 2024 22:04:52 +0000 (22:04 +0000)]
Revert bits that got accidentally committed.

spotted by patrick@

5 months agoremove references to SSH1 and DSA server keys
naddy [Sun, 26 May 2024 20:35:12 +0000 (20:35 +0000)]
remove references to SSH1 and DSA server keys

5 months agoFix suspend/resume for ums(4) and umt(4); Calling hidm*_attach not at the
mglocker [Sun, 26 May 2024 20:06:27 +0000 (20:06 +0000)]
Fix suspend/resume for ums(4) and umt(4);  Calling hidm*_attach not at the
end of the device driver attach function can cause accessops functions to
be called by wscons(4) *before* the device has completed its attach
procedure.  In this case this has led the device driver to ignore
interrupts after resume, because during resume ums_disable/umt_disable
were called last, *after* ums_enable/umt_enable.

OK phessler@

5 months agoClear interrupt status to prevent power down after resume initiated by
kettenis [Sun, 26 May 2024 18:06:21 +0000 (18:06 +0000)]
Clear interrupt status to prevent power down after resume initiated by
pressing the power button.

ok patrick@

5 months agoAdd support for configuring sleep voltage settings based on device tree
kettenis [Sun, 26 May 2024 13:40:54 +0000 (13:40 +0000)]
Add support for configuring sleep voltage settings based on device tree
properties for the RK809.

ok patrick@

5 months agoImplement wakeup interrupts on amd64. Provide a dummy implementation for
kettenis [Sun, 26 May 2024 13:37:31 +0000 (13:37 +0000)]
Implement wakeup interrupts on amd64.  Provide a dummy implementation for
i386 such that we can call the necessary hooks in the suspend/resume code
without adding #ifdefs.  Tweak the arm64 implementation such that we can
call the hooks earlier as this is necessary to mask MSI and MSI-X
interrupts on arm64.

ok deraadt@, mlarkin@

5 months agoremove unneeded includes
jsg [Sun, 26 May 2024 10:01:01 +0000 (10:01 +0000)]
remove unneeded includes

5 months agoRemove documentation of optional md in one-step hashes
tb [Sun, 26 May 2024 09:54:16 +0000 (09:54 +0000)]
Remove documentation of optional md in one-step hashes

This functionality will be removed, so stop documenting it. Instead
mention that another implementation still supports this.

5 months agoremove unneeded includes
jsg [Sun, 26 May 2024 08:46:28 +0000 (08:46 +0000)]
remove unneeded includes

5 months agocorrect an argument to fix build, broken by rev 1.22 in 2013
jsg [Sun, 26 May 2024 03:28:54 +0000 (03:28 +0000)]
correct an argument to fix build, broken by rev 1.22 in 2013

5 months agoEliminate last timegm() correctly this time
tb [Sat, 25 May 2024 18:59:03 +0000 (18:59 +0000)]
Eliminate last timegm() correctly this time

Also add a test case with a generalized time representing the moment
one second past the 32-bit epoch wrap.

5 months agosync inclusion of <stdlib.h> from libcrypto
tb [Sat, 25 May 2024 15:14:26 +0000 (15:14 +0000)]
sync inclusion of <stdlib.h> from libcrypto

5 months agoInclude <stdint.h> in the bytestring .c files
tb [Sat, 25 May 2024 15:12:47 +0000 (15:12 +0000)]
Include <stdint.h> in the bytestring .c files

They currently depend on bytestring.h pulling that in.

discussed with jsing

5 months agoRevert previous
tb [Sat, 25 May 2024 12:47:25 +0000 (12:47 +0000)]
Revert previous

It wasn't quite right, but I also think the test is bogus.

5 months agoasn1time: another use of gmtime was hiding here
tb [Sat, 25 May 2024 06:42:15 +0000 (06:42 +0000)]
asn1time: another use of gmtime was hiding here

5 months agoEnable UFS "Auto-Hibernation". From the documentation:
mglocker [Fri, 24 May 2024 20:34:06 +0000 (20:34 +0000)]
Enable UFS "Auto-Hibernation".  From the documentation:
Auto-hibernate allows the host controller to put UniPro link into Hibernate
state autonomously.

5 months agodes_local.h: Remove some unused macros
tb [Fri, 24 May 2024 19:21:58 +0000 (19:21 +0000)]
des_local.h: Remove some unused macros

5 months agoRemove documentation of DES_enc_{read,write} and DES_rw_mode
tb [Fri, 24 May 2024 19:18:07 +0000 (19:18 +0000)]
Remove documentation of DES_enc_{read,write} and DES_rw_mode

ok jsing

5 months agoStub out DES_enc_{read,write}(3)
tb [Fri, 24 May 2024 19:16:53 +0000 (19:16 +0000)]
Stub out DES_enc_{read,write}(3)

The most terrible code in OpenSSL has its roots in libdes, which came
before SSLeay. Hello, LHASH. Hello speed app. Hello DES (obviously).
There are some diary-style changelog comments dating all the way back
to 1990.

/* This has some uglies in it but it works - even over sockets. */

Well, kind of:

 * -  This code cannot handle non-blocking sockets.

Also:

/* >output is a multiple of 8 byes, if len < rnum
 * >we must be careful.  The user must be aware that this
 * >routine will write more bytes than he asked for.
 * >The length of the buffer must be correct.
 * FIXED - Should be ok now 18-9-90 - eay */

Or

/* This is really a bad error - very bad
 * It will stuff-up both ends. */

Or

#ifdef _LIBC
       extern unsigned long time();
       extern int write();
#endif

I can't even...

Delete, delete, delete.

ok jsing

5 months agosync
deraadt [Fri, 24 May 2024 18:15:12 +0000 (18:15 +0000)]
sync

5 months agoRemove target getting in the way of config.status and causing compilation
miod [Fri, 24 May 2024 16:44:12 +0000 (16:44 +0000)]
Remove target getting in the way of config.status and causing compilation
failure when using make -j; this used to be hidden because of the objective-C
generated files, which are no longer built. No change for regular make.

5 months agosync
deraadt [Fri, 24 May 2024 16:35:12 +0000 (16:35 +0000)]
sync

5 months agosndiod: Set the display string of all server.device entries
ratchov [Fri, 24 May 2024 15:21:35 +0000 (15:21 +0000)]
sndiod: Set the display string of all server.device entries

with help from edd@ and armani@

5 months agosndiod: Propagate the controls' display string to clients.
ratchov [Fri, 24 May 2024 15:16:09 +0000 (15:16 +0000)]
sndiod: Propagate the controls' display string to clients.

with help from edd@ and armani@

5 months agosndio: Add a display string to the sioctl_open API
ratchov [Fri, 24 May 2024 15:10:26 +0000 (15:10 +0000)]
sndio: Add a display string to the sioctl_open API

For hardware devices, add a server.device control
with a single item and the device name as display
string.

Add the necessary sndioctl(1) bits to print it.

5 months agosndiod: Use a 'unsigned char *' for the pointer to the temp sock buffer
ratchov [Fri, 24 May 2024 15:03:12 +0000 (15:03 +0000)]
sndiod: Use a 'unsigned char *' for the pointer to the temp sock buffer

5 months agosndiod: Hide "hardware" device's server.device control.
ratchov [Fri, 24 May 2024 15:01:53 +0000 (15:01 +0000)]
sndiod: Hide "hardware" device's server.device control.

If sndiod is using another sndiod instance instead of the bare
hardware, then it must disable the underlying server.device
control to avoid conflicts with its own server.device control.

5 months agosndiod: Don't mark as dirty controls that have not been changed
ratchov [Fri, 24 May 2024 15:00:15 +0000 (15:00 +0000)]
sndiod: Don't mark as dirty controls that have not been changed

5 months agotypo: "pwdtries" -> "passwordtries"; ok millert@
op [Fri, 24 May 2024 13:32:03 +0000 (13:32 +0000)]
typo: "pwdtries" -> "passwordtries"; ok millert@

5 months agoUpdate references to new and not quite so new RFCs
tb [Fri, 24 May 2024 12:57:20 +0000 (12:57 +0000)]
Update references to new and not quite so new RFCs

Four warnings now contain "RFC 9582" rather than "RFC 6482bis".
Also update some references to I-Ds.

ok claudio

5 months agoDo not escape $ unless DQ is set, that is the only case where we need to
nicm [Fri, 24 May 2024 12:41:24 +0000 (12:41 +0000)]
Do not escape $ unless DQ is set, that is the only case where we need to
escape it.

5 months agoAdd N to search backwards in tree modes, from Fadi Afani in GitHub issue
nicm [Fri, 24 May 2024 12:39:06 +0000 (12:39 +0000)]
Add N to search backwards in tree modes, from Fadi Afani in GitHub issue
3982.

5 months agoAdd support for NVMe passthrough commands IDENTIFY, GET_LOG_PG and SELFTEST.
krw [Fri, 24 May 2024 12:04:07 +0000 (12:04 +0000)]
Add support for NVMe passthrough commands IDENTIFY, GET_LOG_PG and SELFTEST.

Enables suitably inquisitive software (e.g. smartmontools) to get information on
nvme(4) disks.

Based on work with dlg@ at h2k23, various at p2k24 and subsequent improvements
and tests by jmatthew@.

ok dlg@ for more permissive h2k23 version, jmatthew@

5 months agocapitalize the first word of the -S description
op [Fri, 24 May 2024 11:52:45 +0000 (11:52 +0000)]
capitalize the first word of the -S description

5 months agoremove unneeded includes
jsg [Fri, 24 May 2024 10:05:55 +0000 (10:05 +0000)]
remove unneeded includes

5 months agoAdd support for suspend/resume.
mglocker [Fri, 24 May 2024 09:51:13 +0000 (09:51 +0000)]
Add support for suspend/resume.

ok dlg@

5 months agopfsync must let to progress state for destination peer
sashan [Fri, 24 May 2024 06:38:41 +0000 (06:38 +0000)]
pfsync must let to progress state for destination peer

The issue has been noticed by matthieu@ when he was chasing
cause of excessive pfsync traffic between firewall boxes.
When comparing content of state tables between primary
and backup firewall the backup firewall showed many
states as follows:
ESTABLISHED:SYN_SENT
FIN_WAIT_2:SYN_SENT
*         :SYN_SENT
this is caused by pfsync_upd_tcp() which fails to update
TCP-state for destination connection peer, so it remains
stuck in SYN_SENT.

matthieu@ confirms diff helps with 'stuck-state'. It also
seems to help with excessive pfsync traffic.

ok @dlg

5 months agoremove unneeded includes
jsg [Fri, 24 May 2024 06:26:47 +0000 (06:26 +0000)]
remove unneeded includes

5 months agoremove unneeded includes; ok miod@
jsg [Fri, 24 May 2024 06:02:53 +0000 (06:02 +0000)]
remove unneeded includes; ok miod@

5 months agoadd back var removed in rev 1.7 in 2009, makes puc@cardbus build
jsg [Fri, 24 May 2024 04:36:26 +0000 (04:36 +0000)]
add back var removed in rev 1.7 in 2009, makes puc@cardbus build

5 months agoremove unused struct fwd_perm_list, no decl with complete type
jsg [Thu, 23 May 2024 23:47:16 +0000 (23:47 +0000)]
remove unused struct fwd_perm_list, no decl with complete type
ok djm@

5 months agorequire an error message on table_proc failure replies
op [Thu, 23 May 2024 17:10:00 +0000 (17:10 +0000)]
require an error message on table_proc failure replies

The error message is not really used, it just gets translated to a
TEMPFAIL, but it allows to have mandatory logging of errors instead
of relying on tables to hopefully log something.

To ease the transition, don't make it mandatory in smtpd(8) yet,
but document it as such.

ok millert@, gilles@

5 months agocatch EOFs during table_proc handshake
op [Thu, 23 May 2024 17:05:45 +0000 (17:05 +0000)]
catch EOFs during table_proc handshake

while here also do a s/fatalx/fatal since getline() sets errno on
failure.

ok millert@, gilles@

5 months agoincrement CCMP decryption error counter if hw decrypt fails to get PN
stsp [Thu, 23 May 2024 11:19:13 +0000 (11:19 +0000)]
increment CCMP decryption error counter if hw decrypt fails to get PN

This case will only occur if the IV has been stripped by hardware and
the driver has not cleared the protected bit in the frame header as it
should. Incrementing this counter will make the problem more obvious
when looking at netstat -W output.

No functional change for people who do not work on wifi drivers.

5 months agoregen
kevlo [Thu, 23 May 2024 08:06:45 +0000 (08:06 +0000)]
regen

5 months agoAdd support for Quectel EM060K.
kevlo [Thu, 23 May 2024 08:06:22 +0000 (08:06 +0000)]
Add support for Quectel EM060K.
The Quectel EM060K is set by default to MBIM mode.

Tested by Shawn Chiou
ok jsg@

5 months agoMake signature of SSL_COMP_add_compression_method(3) match reality
tb [Thu, 23 May 2024 06:49:55 +0000 (06:49 +0000)]
Make signature of SSL_COMP_add_compression_method(3) match reality

5 months agoremove unneeded includes; ok mpi@
jsg [Thu, 23 May 2024 03:21:08 +0000 (03:21 +0000)]
remove unneeded includes; ok mpi@

5 months agox509_v3.c: indent labels
tb [Thu, 23 May 2024 02:00:38 +0000 (02:00 +0000)]
x509_v3.c: indent labels

5 months agox509_v3.c: remove an unnecessary else
tb [Thu, 23 May 2024 01:57:32 +0000 (01:57 +0000)]
x509_v3.c: remove an unnecessary else

5 months agox509_v3.c: consistently call STACK_OF(X509_EXTENSIONS) arguments sk
tb [Thu, 23 May 2024 01:56:14 +0000 (01:56 +0000)]
x509_v3.c: consistently call STACK_OF(X509_EXTENSIONS) arguments sk

(where it doesn't conflict with a local variable)

5 months agox509_v3.c: zap another pointless local variable
tb [Thu, 23 May 2024 01:52:05 +0000 (01:52 +0000)]
x509_v3.c: zap another pointless local variable

5 months agox509_v3.c: add a few empty lines
tb [Thu, 23 May 2024 01:50:52 +0000 (01:50 +0000)]
x509_v3.c: add a few empty lines