openbsd
8 months agoPOSIX defines inet_ntoa, not inet_aton.
bentley [Wed, 6 Mar 2024 07:29:37 +0000 (07:29 +0000)]
POSIX defines inet_ntoa, not inet_aton.

ok deraadt@ jmc@

8 months agoregen
jsg [Wed, 6 Mar 2024 07:01:53 +0000 (07:01 +0000)]
regen

8 months agoadd AMD Instinct MI300 device ids
jsg [Wed, 6 Mar 2024 07:01:24 +0000 (07:01 +0000)]
add AMD Instinct MI300 device ids

8 months agoadd missing Ev macro; from mail at lukasneukom ch
jmc [Wed, 6 Mar 2024 06:26:22 +0000 (06:26 +0000)]
add missing Ev macro; from mail at lukasneukom ch

8 months agofix memory leak in mux proxy mode when requesting forwarding.
djm [Wed, 6 Mar 2024 02:59:59 +0000 (02:59 +0000)]
fix memory leak in mux proxy mode when requesting forwarding.

found by RASU JSC, reported by Maks Mishin in GHPR#467

8 months agosync
tb [Wed, 6 Mar 2024 02:35:01 +0000 (02:35 +0000)]
sync

8 months agoRemove CRL method API documentation
tb [Wed, 6 Mar 2024 02:34:14 +0000 (02:34 +0000)]
Remove CRL method API documentation

8 months agowrap a few PKCS#11-specific bits in ENABLE_PKCS11
djm [Wed, 6 Mar 2024 00:31:04 +0000 (00:31 +0000)]
wrap a few PKCS#11-specific bits in ENABLE_PKCS11

8 months agomatch on Intel Meteor Lake U/H/U-Type4
jsg [Wed, 6 Mar 2024 00:11:25 +0000 (00:11 +0000)]
match on Intel Meteor Lake U/H/U-Type4
ok deraadt@ kettenis@

8 months agoregen
jsg [Wed, 6 Mar 2024 00:05:49 +0000 (00:05 +0000)]
regen

8 months agoadd Intel Meteor Lake U/H/U-Type4 ids
jsg [Wed, 6 Mar 2024 00:05:18 +0000 (00:05 +0000)]
add Intel Meteor Lake U/H/U-Type4 ids

from:
Intel Core Ultra Processor
Datasheet, Volume 1 of 2, Doc. No.: 792044, Rev.: 002

Mesa iris_pci_ids.h

ok deraadt@ kettenis@

8 months agolh_<type>_error() is no longer implemented as a macro
tb [Tue, 5 Mar 2024 22:15:29 +0000 (22:15 +0000)]
lh_<type>_error() is no longer implemented as a macro

8 months agoprune clang13 libLLVM; OK sthen
kn [Tue, 5 Mar 2024 19:47:58 +0000 (19:47 +0000)]
prune clang13 libLLVM;  OK sthen

8 months agoUgly workaround to let this compile again on non-clang platforms.
miod [Tue, 5 Mar 2024 19:27:47 +0000 (19:27 +0000)]
Ugly workaround to let this compile again on non-clang platforms.

8 months agoRemove GOST documentation
tb [Tue, 5 Mar 2024 19:21:31 +0000 (19:21 +0000)]
Remove GOST documentation

8 months agobackup disklabel for softraid(4) chunks
kn [Tue, 5 Mar 2024 18:54:29 +0000 (18:54 +0000)]
backup disklabel for softraid(4) chunks

Extend "Check for changes to the disklabels of mounted disks" to those that
host online softraid volumes, e.g installations with root inside CRYPTO sd0a
(and EFI System partition on sd0i).

That produces /var/backup/disklabel.sd0.current, previously missing in such
setups;  noticed after someone dd(1)ed miniroot onto sd0 by accident and had
no disklabel(8) backup to restore.

Feedback OK bluhm

8 months agoRevert m_defrag() mbuf alignment to IP header.
bluhm [Tue, 5 Mar 2024 18:52:41 +0000 (18:52 +0000)]
Revert m_defrag() mbuf alignment to IP header.

m_defrag() is intended as last resort to make DMA transfers to the
hardware.  Therefore page alingment is more important than IP header
alignment.  The reason, why the mbuf returned by m_defrag() was
switched to IP header alingment, was that ether_extract_headers()
failed in em(4) driver with TSO on sparc64.  This has been fixed
by using memcpy().

The alignment change in m_defrag() is too late in the 7.5 relaese
process.  It may affect several drivers on different architectures.
Bus dmamap for ixl(4) on sun4v expects page alignment.  Such alignment
issues and TSO mbuf mapping for IOMMU need more thought.

OK deraadt@

8 months agoTighten up BTCFI by flipping the bits that make PACIASP and PACIBSP
kettenis [Tue, 5 Mar 2024 18:42:20 +0000 (18:42 +0000)]
Tighten up BTCFI by flipping the bits that make PACIASP and PACIBSP
behave like BTI c instead of BTI jc.

ok deraadt@, tobhe@

8 months agosync
tb [Tue, 5 Mar 2024 18:31:13 +0000 (18:31 +0000)]
sync

8 months agoRemove ASN1_time_parse documentation
tb [Tue, 5 Mar 2024 18:30:40 +0000 (18:30 +0000)]
Remove ASN1_time_parse documentation

8 months agoConvert `t_lock', `r_keypair_lock' and `c_lock' rwlock(9)s to
mvs [Tue, 5 Mar 2024 17:48:01 +0000 (17:48 +0000)]
Convert `t_lock', `r_keypair_lock' and `c_lock' rwlock(9)s to
corresponding mutex(9)es.

ifq_start() and following wg_qstart() could be called from software
interrupt context if bandwidth control is enabled in pf.conf(5). Remove
sleep points provided by rwlock(9)s from wg(4) output start routine.

looks ok claudio

8 months agosync
tb [Tue, 5 Mar 2024 17:22:49 +0000 (17:22 +0000)]
sync

8 months agoRemove EVP_MD_meth* documentation
tb [Tue, 5 Mar 2024 17:21:40 +0000 (17:21 +0000)]
Remove EVP_MD_meth* documentation

Move the description of the EVP_MD_FLAGs to EVP_MD_nid() and add a
reference to the CMS specification.

8 months agowhois: use whois.internic.net for -i option
millert [Tue, 5 Mar 2024 16:06:32 +0000 (16:06 +0000)]
whois: use whois.internic.net for -i option
Revert revision 1.22 which changed -i to use whois.networksolutions.com.
Network Solutions no longer runs InterNic so we must use
whois.internic.net for looking up nameserver or registrar records.
OK deraadt@

8 months agoValidate IPv4 packet options in divert output.
bluhm [Tue, 5 Mar 2024 09:45:13 +0000 (09:45 +0000)]
Validate IPv4 packet options in divert output.

When sending raw packets over divert socket, IP options were not
validated.  Fragment code tries to copy them and crashes.  Raw IP
output has a similar feature, but uses rip_chkhdr() to prevent
invalid packets from userland.  Call this funtion also from
divert_output() for strict user input validation.

Reported-by: syzbot+b1ba3a2a8ef13e5b4698@syzkaller.appspotmail.com
OK dlg@ deraadt@ mvs@

8 months agoMake ftpd tests less flaky by ensuring the server has terminated before
anton [Tue, 5 Mar 2024 07:01:40 +0000 (07:01 +0000)]
Make ftpd tests less flaky by ensuring the server has terminated before
starting a new one.

8 months agoReduce high limit of dwqe(4) receive ring by one.
bluhm [Mon, 4 Mar 2024 23:50:20 +0000 (23:50 +0000)]
Reduce high limit of dwqe(4) receive ring by one.

To avoid confusion between the head and tail pointer, leave a gap
in dwqe(4) receive descriptors.  This prevents a situation when no
RX interrupts are received.

from gerhard@; OK kettenis@ dlg@

8 months agoAdd more platforms.
miod [Mon, 4 Mar 2024 19:35:13 +0000 (19:35 +0000)]
Add more platforms.

8 months agosync
tb [Mon, 4 Mar 2024 19:05:57 +0000 (19:05 +0000)]
sync

8 months agoRemove EVP_add_{cipher,digest}* docs
tb [Mon, 4 Mar 2024 19:04:47 +0000 (19:04 +0000)]
Remove EVP_add_{cipher,digest}* docs

8 months agolh_new.3: zap a trailing comma
tb [Mon, 4 Mar 2024 19:03:31 +0000 (19:03 +0000)]
lh_new.3: zap a trailing comma

8 months agoBring back the fabsf strong alias to fabs, lost sometime ago during
miod [Mon, 4 Mar 2024 17:09:23 +0000 (17:09 +0000)]
Bring back the fabsf strong alias to fabs, lost sometime ago during
libm symbol visibility rework.

This would warrant a libm.so minor bump, but as 7.5 packages build have
started, this won't happen (and hopefully noone will notice since this
only affects landisk).

ok deraadt@

8 months agox13s (or other qualcomm machines of that generation) will sometimes
deraadt [Mon, 4 Mar 2024 17:03:06 +0000 (17:03 +0000)]
x13s (or other qualcomm machines of that generation) will sometimes
boot in ACPI mode, then the qcpas0 driver isn't found. But we want
a firmware associated with that device name.  So also match for the
qcpas firmware on
^ppb0*\"Qualcomm SC8280XP PCIe\"
ok phessler kettenis

8 months agoEVP_CIPH_CUSTOM_KEY_LENGTH and EVP_CTRL_SET_KEY_LENGTH are gone
tb [Mon, 4 Mar 2024 09:49:07 +0000 (09:49 +0000)]
EVP_CIPH_CUSTOM_KEY_LENGTH and EVP_CTRL_SET_KEY_LENGTH are gone

8 months agoRemove docs for sk_find_ex()
tb [Mon, 4 Mar 2024 09:47:34 +0000 (09:47 +0000)]
Remove docs for sk_find_ex()

8 months agoRemove documentation of some CRYPTO_THREADID API
tb [Mon, 4 Mar 2024 09:30:43 +0000 (09:30 +0000)]
Remove documentation of some CRYPTO_THREADID API

CRYPTO_THREADID_{cpm,cpy,current,hash}() are no longer public, so remove
their documentation.

8 months agoDocument X509_STORE_get1_objects and deprecate the get0 version
tb [Mon, 4 Mar 2024 09:24:07 +0000 (09:24 +0000)]
Document X509_STORE_get1_objects and deprecate the get0 version

This manual is ordered a bit strangely in that some functions are
only documented in RETURN VALUES.

8 months agofix weekday
tb [Mon, 4 Mar 2024 08:37:40 +0000 (08:37 +0000)]
fix weekday

8 months agoregen
jsg [Mon, 4 Mar 2024 05:34:36 +0000 (05:34 +0000)]
regen

8 months agoupdate Intel DG2 device names
jsg [Mon, 4 Mar 2024 05:34:07 +0000 (05:34 +0000)]
update Intel DG2 device names
checked against ark.intel.com and windows infs

8 months agowhite space fixes. no functional change
dlg [Mon, 4 Mar 2024 04:44:12 +0000 (04:44 +0000)]
white space fixes. no functional change

8 months agofix leak of CanonicalizePermittedCNAMEs on error path; spotted
djm [Mon, 4 Mar 2024 04:13:18 +0000 (04:13 +0000)]
fix leak of CanonicalizePermittedCNAMEs on error path; spotted
by Coverity (CID 438039)

8 months agofreq is unsigned, kernel builds again
deraadt [Mon, 4 Mar 2024 04:11:52 +0000 (04:11 +0000)]
freq is unsigned, kernel builds again

8 months agodrm/amd/display: Fix memory leak in dm_sw_fini()
jsg [Mon, 4 Mar 2024 02:39:09 +0000 (02:39 +0000)]
drm/amd/display: Fix memory leak in dm_sw_fini()

From Armin Wolf
10c6b90e975358c17856a578419dc449887899c2 in linux-6.6.y/6.6.19
bae67893578d608e35691dcdfa90c4957debf1d3 in mainline linux

8 months agodrm/syncobj: handle NULL fence in syncobj_eventfd_entry_func
jsg [Mon, 4 Mar 2024 02:37:13 +0000 (02:37 +0000)]
drm/syncobj: handle NULL fence in syncobj_eventfd_entry_func

From Erik Kurzinger
20e1e1a2b8a4525301a76bd9afb856a7606a3a34 in linux-6.6.y/6.6.19
2aa6f5b0fd052e363bb9d4b547189f0bf6b3d6d3 in mainline linux

8 months agodrm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is set
jsg [Mon, 4 Mar 2024 02:35:45 +0000 (02:35 +0000)]
drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is set

From Erik Kurzinger
716cfee8053e608b4ff8c698e91843bd985f4553 in linux-6.6.y/6.6.19
3c43177ffb54ea5be97505eb8e2690e99ac96bc9 in mainline linux

8 months agodrm/i915/tv: Fix TV mode
jsg [Mon, 4 Mar 2024 02:34:01 +0000 (02:34 +0000)]
drm/i915/tv: Fix TV mode

From Maxime Ripard
16bc939f224dfeed6cafbb78860179d4c2586e8c in linux-6.6.y/6.6.19
fb1e881273f432e593f8789f99e725b09304cc97 in mainline linux

8 months agodrm/amd/display: Fix buffer overflow in 'get_host_router_total_dp_tunnel_bw()'
jsg [Mon, 4 Mar 2024 02:32:03 +0000 (02:32 +0000)]
drm/amd/display: Fix buffer overflow in 'get_host_router_total_dp_tunnel_bw()'

From Srinivasan Shanmugam
7211800091a9e2d49ad34f59d47321ca09ae30a7 in linux-6.6.y/6.6.19
97cba232549b9fe7e491fb60a69cf93075015f29 in mainline linux

8 months agodrm/amd/display: Avoid enum conversion warning
jsg [Mon, 4 Mar 2024 02:30:03 +0000 (02:30 +0000)]
drm/amd/display: Avoid enum conversion warning

From Nathan Chancellor
a1baf5734231dd3ee5d98022b2da474bc972f9c7 in linux-6.6.y/6.6.19
d7643fe6fb76edb1f2f1497bf5e8b8f4774b5129 in mainline linux

8 months agodrm/amd/display: adjust few initialization order in dm
jsg [Mon, 4 Mar 2024 02:28:24 +0000 (02:28 +0000)]
drm/amd/display: adjust few initialization order in dm

From Wayne Lin
fec5aea66916069d67b27e70ea88c99f15dc72fa in linux-6.6.y/6.6.19
22e1dc4b2fec17af70f297a4295c5f19a0f3fbeb in mainline linux

8 months agodrm/ttm: Fix an invalid freeing on already freed page in error path
jsg [Mon, 4 Mar 2024 02:26:20 +0000 (02:26 +0000)]
drm/ttm: Fix an invalid freeing on already freed page in error path

From Thomas Hellstrom
47bacc3c7fbbf573415c7ce1e7223bed3d691bfd in linux-6.6.y/6.6.19
40510a941d27d405a82dc3320823d875f94625df in mainline linux

8 months agodrm/amd/display: fixed integer types and null check locations
jsg [Mon, 4 Mar 2024 02:24:27 +0000 (02:24 +0000)]
drm/amd/display: fixed integer types and null check locations

From Sohaib Nadeem
71783d1ff65204d69207fd156d4b2eb1d3882375 in linux-6.6.y/6.6.19
0484e05d048b66d01d1f3c1d2306010bb57d8738 in mainline linux

8 months agodrm/amd/display: Request usb4 bw for mst streams
jsg [Mon, 4 Mar 2024 02:21:40 +0000 (02:21 +0000)]
drm/amd/display: Request usb4 bw for mst streams

From Peichen Huang
622c827544ef300899a757f5b1d61554c2c3abcc in linux-6.6.y/6.6.19
5f3bce13266e6fe2f7a46f94d8bc94d5274e276b in mainline linux

8 months agodrm/amd/display: Add dpia display mode validation logic
jsg [Mon, 4 Mar 2024 02:18:12 +0000 (02:18 +0000)]
drm/amd/display: Add dpia display mode validation logic

From Meenakshikumar Somasundaram
c3682b63c60fdef04fc503d36d08bb84ee9758ad in linux-6.6.y/6.6.19
59f1622a5f05d948a7c665a458a3dd76ba73015e in mainline linux

8 months agoSeparate parsing of string array options from applying them to the
djm [Mon, 4 Mar 2024 02:16:11 +0000 (02:16 +0000)]
Separate parsing of string array options from applying them to the
active configuration. This fixes the config parser from erroneously
rejecting cases like:

AuthenticationMethods password
Match User ivy
  AuthenticationMethods any

bz3657 ok markus@

8 months agodrm/amdgpu: Fix HDP flush for VFs on nbio v7.9
jsg [Mon, 4 Mar 2024 02:13:13 +0000 (02:13 +0000)]
drm/amdgpu: Fix HDP flush for VFs on nbio v7.9

From Lijo Lazar
c19453cc16ad5d90f9ed40686203103e57085580 in linux-6.6.y/6.6.19
534c8a5b9d5d41d30cdcac93cfa1bca5e17be009 in mainline linux

8 months agodrm/amdgpu: Fix shared buff copy to user
jsg [Mon, 4 Mar 2024 02:11:22 +0000 (02:11 +0000)]
drm/amdgpu: Fix shared buff copy to user

From Stanley.Yang
cb4541cabb531ce230489a2930c5eaaa91d779ce in linux-6.6.y/6.6.19
2dcf82a8e8dc930655787797ef8a3692b527c7a9 in mainline linux

8 months agodrm/amdgpu: reset gpu for s3 suspend abort case
jsg [Mon, 4 Mar 2024 02:09:44 +0000 (02:09 +0000)]
drm/amdgpu: reset gpu for s3 suspend abort case

From Prike Liang
61c0a633bdc644b064f0c9fe6412df247b2fbcca in linux-6.6.y/6.6.19
6ef82ac664bb9568ca3956e0d9c9c478e25077ff in mainline linux

8 months agodrm/amdgpu: skip to program GFXDEC registers for suspend abort
jsg [Mon, 4 Mar 2024 02:08:07 +0000 (02:08 +0000)]
drm/amdgpu: skip to program GFXDEC registers for suspend abort

From Prike Liang
7a3a0b0c7f4720cbac79d991ebb3ab1cd2cd065a in linux-6.6.y/6.6.19
93bafa32a6918154aa0caf9f66679a32c2431357 in mainline linux

8 months agodrm/amdkfd: Use correct drm device for cgroup permission check
jsg [Mon, 4 Mar 2024 02:05:20 +0000 (02:05 +0000)]
drm/amdkfd: Use correct drm device for cgroup permission check

From Mukul Joshi
5a1bd2143fd70f35a255c02611731b509d1cebac in linux-6.6.y/6.6.19
4119734e06a7f30e7e8eb666692a58b85dca0269 in mainline linux

8 months agoAdd support for the "NG" clock bindings for sun5i SoCs.
kettenis [Sun, 3 Mar 2024 21:42:41 +0000 (21:42 +0000)]
Add support for the "NG" clock bindings for sun5i SoCs.

ok patrick@

8 months agobetter estimate
deraadt [Sun, 3 Mar 2024 18:24:07 +0000 (18:24 +0000)]
better estimate

8 months agoFlush the D-cache before we disable the cache. This makes more sense and
kettenis [Sun, 3 Mar 2024 17:00:14 +0000 (17:00 +0000)]
Flush the D-cache before we disable the cache.  This makes more sense and
fixes booting on my A10S-OLinuXino-MICRO board.  Since the cache is still
enabled, the CPU might bring back some of the cache lines we just flushed.
So invalidate the cache after disabling.

ok deraadt@

8 months agoClarify which part of the path name is considered for substitution.
millert [Sun, 3 Mar 2024 15:24:45 +0000 (15:24 +0000)]
Clarify which part of the path name is considered for substitution.
Also use "name" instead of "file name" is some places since the
result could be either a file or a directory.  Work done with jmc@

8 months agoReinstate a test that was accidentally removed in previous
tb [Sun, 3 Mar 2024 13:29:19 +0000 (13:29 +0000)]
Reinstate a test that was accidentally removed in previous

8 months agoFill the list of expected test failures for m88k.
miod [Sun, 3 Mar 2024 11:15:38 +0000 (11:15 +0000)]
Fill the list of expected test failures for m88k.

8 months agoCope with the rare case of an imprecise FPU exception caught when
miod [Sun, 3 Mar 2024 11:14:34 +0000 (11:14 +0000)]
Cope with the rare case of an imprecise FPU exception caught when
reenabling the FPU as part of the regular processing of another exception.

8 months agoWorkaround a 88100 errata where a FPU imprecise exception may be raised
miod [Sun, 3 Mar 2024 11:03:13 +0000 (11:03 +0000)]
Workaround a 88100 errata where a FPU imprecise exception may be raised
for floating-point-to-int conversions by mistake (these instructions are
not supposed to raise this exception).

8 months agoFor macppc, add missing CFI for cr2, cr3, cr4
gkoehler [Sun, 3 Mar 2024 03:09:39 +0000 (03:09 +0000)]
For macppc, add missing CFI for cr2, cr3, cr4

clang -S was missing a line like ".cfi_offset cr2, -16" in functions
that spill cr2 (or cr3, cr4) to the stack.  This was breaking a few
C++ exceptions.  This fix adds the missing CFI.

This will fix the C++ exception that was crashing egdb from
ports/devel/gdb when you did "q to quit" in the pager.

ok kettenis@ tobhe@

8 months agoFix awacs(4) audio on some iMac G3 models
gkoehler [Sun, 3 Mar 2024 02:40:10 +0000 (02:40 +0000)]
Fix awacs(4) audio on some iMac G3 models

This code affects iMac G3s with a slot-loading CD drive (from late
1999 to 2001, after the older tray-loading iMac G3s, and before the
iMac G4s).  Detect such iMacs by their model string (PowerMac2,1 or
PowerMac2,2 or PowerMac4,1), and configure their headphones and
internal speakers in a different way.  These iMacs have 3 places to
connect headphones (2 on front, 1 on right side).  They also have no
audio connection to the CD drive, so turn off the noisy CD input.

From evan (dot) jss (at) protonmail (dot) ch; I edited the code to get
the model string.

8 months agosnc
deraadt [Sun, 3 Mar 2024 00:22:23 +0000 (00:22 +0000)]
snc

8 months agoexamples should show how to check the signature of the next release
benno [Sat, 2 Mar 2024 23:38:00 +0000 (23:38 +0000)]
examples should show how to check the signature of the next release

8 months agobump version to 7.5.0
op [Sat, 2 Mar 2024 22:40:28 +0000 (22:40 +0000)]
bump version to 7.5.0

8 months agosync
deraadt [Sat, 2 Mar 2024 22:17:19 +0000 (22:17 +0000)]
sync

8 months agoadd rkpmic(4); ok kettenis
jmc [Sat, 2 Mar 2024 22:08:50 +0000 (22:08 +0000)]
add rkpmic(4); ok kettenis

8 months agoThis driver can now attach to SPI and supports the RK806 PMIC.
kettenis [Sat, 2 Mar 2024 20:22:13 +0000 (20:22 +0000)]
This driver can now attach to SPI and supports the RK806 PMIC.

8 months agorkspi(4)
kettenis [Sat, 2 Mar 2024 20:21:33 +0000 (20:21 +0000)]
rkspi(4)

8 months agoEnable rkspi(4) and rkpmic(4) at spi.
kettenis [Sat, 2 Mar 2024 19:53:17 +0000 (19:53 +0000)]
Enable rkspi(4) and rkpmic(4) at spi.

ok patrick@

8 months agoAdd support for attaching rkpmic(4) to an SPI bus. Add support for
kettenis [Sat, 2 Mar 2024 19:52:41 +0000 (19:52 +0000)]
Add support for attaching rkpmic(4) to an SPI bus.  Add support for
the RK806 PMIC which can attach to both I2C and SPI.  Based on an old
diff from patrick@

ok patrick@

8 months agoAdd rkspi(4), a driver for the SPI controller found on various Rockchip
kettenis [Sat, 2 Mar 2024 19:50:30 +0000 (19:50 +0000)]
Add rkspi(4), a driver for the SPI controller found on various Rockchip
SoCs.  Based on an earlier diff from patrick@

ok patrick@

8 months agoAdd clocks for the RK3588 SPI controller.
kettenis [Sat, 2 Mar 2024 19:48:13 +0000 (19:48 +0000)]
Add clocks for the RK3588 SPI controller.

From patrick@

8 months agoShorter and simpler version which does not need to use the stack.
miod [Sat, 2 Mar 2024 16:51:00 +0000 (16:51 +0000)]
Shorter and simpler version which does not need to use the stack.

8 months agoTrigger retransmission only for fragment 1/x, otherwise each received
tobhe [Sat, 2 Mar 2024 16:16:07 +0000 (16:16 +0000)]
Trigger retransmission only for fragment 1/x, otherwise each received
fragment can trigger retransmission of the full fragment queue.

From RFC7383, 2.6.1:
"[...] that even MUST only trigger a retransmission of the response message
 (fragmented or no) if the Fragment Number field in the received
 fragments is set to 1; otherwise, it MUST be ignored."

from markus

8 months agoBump to OpenIKED 7.4
tobhe [Sat, 2 Mar 2024 15:55:58 +0000 (15:55 +0000)]
Bump to OpenIKED 7.4

8 months agoinclude <time.h> for time_t and struct tm, needed for macos
tb [Sat, 2 Mar 2024 15:40:05 +0000 (15:40 +0000)]
include <time.h> for time_t and struct tm, needed for macos

ok millert miod

8 months agoimplement qwx(4) monitor status ring polling
stsp [Sat, 2 Mar 2024 15:18:57 +0000 (15:18 +0000)]
implement qwx(4) monitor status ring polling

On QCNFA765 the monitor status ring does not trigger any interrupts.
Unless the driver keeps polling this ring from a timer the device
will eventually lock up if this ring is enabled.

Even though we're not using this ring yet, add the tiny bits of code
required to poll it so that the next person who enables this code
won't have to waste time figuring out why the device stops working.

The monitor status ring provides details about received frames in special
TLV-format packets which the driver can parse and update statistics with.
Interesting info includes per-frame RSSI. Which we already learn from
beacons, so we don't need to enable an entire extra ring just for that.

Another reason to keep this disabled is that it triggers mbuf corruption
for reasons I haven't been able to figure out. Help welcome.

8 months agosilently ignore update-stats events from qwx(4) firmware
stsp [Sat, 2 Mar 2024 15:06:20 +0000 (15:06 +0000)]
silently ignore update-stats events from qwx(4) firmware

Reduces noise with QWX_DEBUG enabled.

8 months agorepair QWX_DEBUG build
stsp [Sat, 2 Mar 2024 15:04:27 +0000 (15:04 +0000)]
repair QWX_DEBUG build

8 months agoRemove some GOST relics
tb [Sat, 2 Mar 2024 13:39:28 +0000 (13:39 +0000)]
Remove some GOST relics

8 months agosync (lh_stats.3 removal)
tb [Sat, 2 Mar 2024 13:28:22 +0000 (13:28 +0000)]
sync (lh_stats.3 removal)

8 months agoProvide the missing fabsl alias to fabs.
miod [Sat, 2 Mar 2024 12:02:42 +0000 (12:02 +0000)]
Provide the missing fabsl alias to fabs.

No shlib_version change needed, jumping on the version bump of the mkdtems
addition.

8 months agoUnhook some gost tests
tb [Sat, 2 Mar 2024 11:53:55 +0000 (11:53 +0000)]
Unhook some gost tests

8 months agoCrank libressl version to 3.9.0 (finally!)
tb [Sat, 2 Mar 2024 11:53:30 +0000 (11:53 +0000)]
Crank libressl version to 3.9.0 (finally!)

8 months agosync (libressl major, gost.h removal)
tb [Sat, 2 Mar 2024 11:52:43 +0000 (11:52 +0000)]
sync (libressl major, gost.h removal)

8 months agocrank libtls major
tb [Sat, 2 Mar 2024 11:50:36 +0000 (11:50 +0000)]
crank libtls major

same bump as libcrypto and libssl

8 months agocrank libssl major
tb [Sat, 2 Mar 2024 11:49:22 +0000 (11:49 +0000)]
crank libssl major

same bump as libcrypto; symbol removal and addition

8 months agoRemove SSL_debug
tb [Sat, 2 Mar 2024 11:48:55 +0000 (11:48 +0000)]
Remove SSL_debug

The garbage truck is quite full by now. Collect the last symbol
straggler for this bump.

ok jsing

8 months agoGarbage collect TLS1_FLAGS_SKIP_CERT_VERIFY
tb [Sat, 2 Mar 2024 11:47:41 +0000 (11:47 +0000)]
Garbage collect TLS1_FLAGS_SKIP_CERT_VERIFY

And here goes another weird-ass thing of dubious pedigree.

ok jsing

8 months agoMake {SSL3,TLS}_CT_* internal
tb [Sat, 2 Mar 2024 11:46:55 +0000 (11:46 +0000)]
Make {SSL3,TLS}_CT_* internal

And here goes a bunch of unused macros that just had to be in two
headers so they could get out of sync. Three of these constants
are used in a single function...

ok jsing

8 months agoRemove SSL_CIPHER_get_by_{id,value}()
tb [Sat, 2 Mar 2024 11:45:51 +0000 (11:45 +0000)]
Remove SSL_CIPHER_get_by_{id,value}()

While this undocumented API would have been much nicer and saner than
SSL_CIPHER_find(), nothing used this except for the exporter test.
Let's get rid of it again. libssl uses ssl3_get_cipher_by_{id,value}()
directly.

ok jsing