bluhm [Fri, 8 Sep 2023 21:16:55 +0000 (21:16 +0000)]
Print a message when test has finished successfully.
bluhm [Fri, 8 Sep 2023 21:15:02 +0000 (21:15 +0000)]
Test pf and stack with double atomic IPv6 fragments.
That means the IPv6 header chain contains two fragment header that
spawn the whole packet. Such packets are illegal and pf drops them.
Otherwise they could bypass pf rules as described in CVE-2023-4809.
OpenBSD is not affected as pf_walk_header6() drops them with "IPv6
multiple fragment" log message. This check exists since 2013 when
special support for atomic fragments was added to pf.
If pf is disabled, the IPv6 stack accepts such packets. I do not
consider this a security issue.
kn [Fri, 8 Sep 2023 20:47:22 +0000 (20:47 +0000)]
Clean up old console bootargs
7.3 is long gone, you must have new bootloaders and new kernels.
Zaps both condition and else block, unindent and merge lines where fit.
Feedback OK kettenis
Tests OK denis
mvs [Fri, 8 Sep 2023 20:00:27 +0000 (20:00 +0000)]
Remove the remnants of the leftover selinfo from vnode(9) layer. Just
mechanical 'selinfo' to 'klist' replacement in 'vnode' structure because
knote(9) API is already used.
<sys/selinfo.h> headers added where is was required.
ok bluhm
naddy [Fri, 8 Sep 2023 13:40:52 +0000 (13:40 +0000)]
revert previous
The change broke IPv6 neighbor discovery, and anton@ reports several
regression test failures.
ok bluhm@
schwarze [Fri, 8 Sep 2023 11:37:58 +0000 (11:37 +0000)]
Mark EVP_PKEY_save_parameters() as intentionally undocumented
because nothing uses it according to codesearch.debian.net
and it only affects X509_PUBKEY_set(3) for DSA and GOST2001 keys,
resulting in incomplete output without the public key parameters.
claudio [Fri, 8 Sep 2023 09:06:31 +0000 (09:06 +0000)]
Change how ps_threads and p_thr_link are locked away from using SCHED_LOCK.
The per process thread list can be traversed (read) by holding either
the KERNEL_LOCK or the per process ps_mtx (instead of SCHED_LOCK).
Abusing the SCHED_LOCK for this makes it impossible to split up the
scheduler lock into something more fine grained.
Tested by phessler@, ok mpi@
nicm [Fri, 8 Sep 2023 07:05:06 +0000 (07:05 +0000)]
On second thoughts, do check DA2 for DECFRA and DECSLRM since that will
catch terminals that say they are VT520 even if we can't use DA1
(because of VTE).
nicm [Fri, 8 Sep 2023 06:52:31 +0000 (06:52 +0000)]
Use DECSLRM and DECFRA only at level 4 rather than checking the terminal
id.
djm [Fri, 8 Sep 2023 06:34:24 +0000 (06:34 +0000)]
fix sizeof(*ptr) instead sizeof(ptr) in realloc (pointer here is
char**, so harmless); spotted in CID 416964
djm [Fri, 8 Sep 2023 06:10:57 +0000 (06:10 +0000)]
regress test recursive remote-remote directories copies where the
directory contains a symlink to another directory.
also remove errant `set -x` that snuck in at some point
djm [Fri, 8 Sep 2023 06:10:02 +0000 (06:10 +0000)]
fix recursive remote-remote copies of directories that contain symlinks
to other directories (similar to bz3611)
yasuoka [Fri, 8 Sep 2023 05:56:22 +0000 (05:56 +0000)]
Add request or response decoration feature which is used through the
radiusd module interface. This makes additional modules can modify
RADIUS request or response messages. Also add new "radius_standard"
module which uses this new feature, provides some generic features
like "strip-atmark-realm" which removes the realm part from the
User-Name attribute. from IIJ.
djm [Fri, 8 Sep 2023 05:56:13 +0000 (05:56 +0000)]
the sftp code was one of my first contributions to OpenSSH and it
shows - the function names are terrible.
Rename do_blah() to sftp_blah() to make them less so.
Completely mechanical except for sftp_stat() and sftp_lstat() which
change from returning a pointer to a static variable (error-prone) to
taking a pointer to a caller-provided receiver.
djm [Fri, 8 Sep 2023 05:50:57 +0000 (05:50 +0000)]
regress test for recursive copies of directories containing symlinks
to other directories. bz3611, ok dtucker@
djm [Fri, 8 Sep 2023 05:50:12 +0000 (05:50 +0000)]
fix scp in SFTP mode recursive upload and download of directories
that contain symlinks to other directories. In scp mode, the links
would be followed, but in SFTP mode they were not. bz3611, ok dtucker@
espie [Thu, 7 Sep 2023 23:32:56 +0000 (23:32 +0000)]
blast from the past... be gone!
tb [Thu, 7 Sep 2023 21:31:00 +0000 (21:31 +0000)]
sync
schwarze [Thu, 7 Sep 2023 19:59:58 +0000 (19:59 +0000)]
Below RETURN VALUES,
* mention that EVP_MD_CTX_md(3) also returns NULL
if no message digest is configured yet; and
* omplete the list of functions returning const EVP_MD *,
also making the wording more precise.
Delete EVP_MAX_MD_SIZE from the NAME, SYNOPSIS, and HISTORY sections
because we do not usually document preprocessor macro constants in
this way. There is nothing special about this constant justifying
an exception.
schwarze [Thu, 7 Sep 2023 19:28:37 +0000 (19:28 +0000)]
add the missing entries for EVP_MD_CTX_pkey_ctx(3) and EVP_MD_CTX_md_data(3)
to the RETURN VALUES section
espie [Thu, 7 Sep 2023 17:26:14 +0000 (17:26 +0000)]
always say "the sqlports package"
espie [Thu, 7 Sep 2023 17:24:39 +0000 (17:24 +0000)]
be more direct about SUPDISTFILES
espie [Thu, 7 Sep 2023 17:21:10 +0000 (17:21 +0000)]
We prefer SITES.sufx (lowercase)
espie [Thu, 7 Sep 2023 17:19:19 +0000 (17:19 +0000)]
MASTER_SITES -> SITES
espie [Thu, 7 Sep 2023 17:17:43 +0000 (17:17 +0000)]
mention that SITE_BACKUP won't work transparently until we completely
get rid of MASTER_SITES.
espie [Thu, 7 Sep 2023 17:15:29 +0000 (17:15 +0000)]
beyond libtool
schwarze [Thu, 7 Sep 2023 16:32:41 +0000 (16:32 +0000)]
document EVP_MD_nid(3) and EVP_MD_name(3)
schwarze [Thu, 7 Sep 2023 15:57:04 +0000 (15:57 +0000)]
improve the descriptions of most functions
espie [Thu, 7 Sep 2023 15:28:48 +0000 (15:28 +0000)]
default value for PORTHOME (todo: add it as diagnostic)
espie [Thu, 7 Sep 2023 15:23:00 +0000 (15:23 +0000)]
don't share patches lightly
espie [Thu, 7 Sep 2023 15:12:38 +0000 (15:12 +0000)]
even though it's annotated, users don't see .Cm, so note we're talking
about the target since 'package' is used all over the place.
schwarze [Thu, 7 Sep 2023 14:22:11 +0000 (14:22 +0000)]
Split two new manual pages EVP_MD_nid(3) and EVP_MD_CTX_ctrl(3)
out of the large EVP_DigestInit(3). No text change.
tobhe [Thu, 7 Sep 2023 11:17:32 +0000 (11:17 +0000)]
Treat consecutive paragraph indicators as different paragraphs
Consecutive empty lines count toward the same state, so there're
2x states (to get in and out). ^L and .PP are counted as text,
hitting those in the text should be treated as getting out of a
paragraph and then getting in.
From Walter Alejandro Iglesias and Zhihao Yuan in nvi2
ok bluhm@
nicm [Thu, 7 Sep 2023 10:21:46 +0000 (10:21 +0000)]
Use DECSLRM and DECFRA on terminals pretending to be VT520 or VT525 as
well as VT420.
sashan [Thu, 7 Sep 2023 09:59:43 +0000 (09:59 +0000)]
pf(4) ignores 'keep state' and 'nat-to' actions for unsolicited
icmp error responses. Fix tightens rule matching logic so icmp
error responses no longer match 'keep state' rule. In typical
scenarios icmp errors (if solicited) should match existing state.
The change is going to bite firewalls which deal with asymmetric
routes. In those cases the 'keep state' action should be relaxed
to sloppy or new 'no state' rule to explicitly match icmp
errors should be added.
The issue has been reported by Peter J. Philip (pjp _at_ delphinusdns.org).
Discussed with bluhm@ and florian@
OK bluhm@
nicm [Thu, 7 Sep 2023 07:19:21 +0000 (07:19 +0000)]
Accept 65 for VT525 as well.
jsg [Thu, 7 Sep 2023 06:32:24 +0000 (06:32 +0000)]
convert to ansi function decl
daniel [Thu, 7 Sep 2023 02:12:07 +0000 (02:12 +0000)]
regen
daniel [Thu, 7 Sep 2023 02:11:26 +0000 (02:11 +0000)]
add Realtek 8852AE
ok kevlo@
jsg [Thu, 7 Sep 2023 01:45:53 +0000 (01:45 +0000)]
mention ConnectX-6 Dx and ConnectX-6 Lx
jsg [Thu, 7 Sep 2023 01:43:46 +0000 (01:43 +0000)]
match on Mellanox ConnectX-6 Lx
from and tested by Olivier Croquin
ok dlg@
jsg [Thu, 7 Sep 2023 01:41:42 +0000 (01:41 +0000)]
regen
jsg [Thu, 7 Sep 2023 01:41:09 +0000 (01:41 +0000)]
add Mellanox ConnectX-6 Lx
from Olivier Croquin
jca [Thu, 7 Sep 2023 01:08:36 +0000 (01:08 +0000)]
Fix missing function declarations to let mkhybrid build with clang-16
ok millert@
jsg [Wed, 6 Sep 2023 23:47:51 +0000 (23:47 +0000)]
regen
jsg [Wed, 6 Sep 2023 23:47:14 +0000 (23:47 +0000)]
add a Navi 32 device id
747e rev c8 is Radeon RX 7800 XT
747e rev ff is Radeon RX 7700 XT
found in AMD Software: Adrenalin Edition 23.9.1
djm [Wed, 6 Sep 2023 23:36:09 +0000 (23:36 +0000)]
regression test for override of subsystem in match blocks
djm [Wed, 6 Sep 2023 23:35:35 +0000 (23:35 +0000)]
allow override of Sybsystem directives in sshd Match blocks
djm [Wed, 6 Sep 2023 23:26:37 +0000 (23:26 +0000)]
allocate the subsystems array as necessary and remove the fixed limit of
subsystems. Saves a few kb of memory in the server and makes it more like
the other options.
djm [Wed, 6 Sep 2023 23:23:53 +0000 (23:23 +0000)]
preserve quoting of Subsystem commands and arguments. This may change
behaviour of exotic configurations, but the most common subsystem
configuration (sftp-server) is unlikely to be affected.
djm [Wed, 6 Sep 2023 23:21:36 +0000 (23:21 +0000)]
downgrade duplicate Subsystem directives from being a fatal error
to being a debug message to match behaviour with just about all other
directives.
djm [Wed, 6 Sep 2023 23:18:15 +0000 (23:18 +0000)]
handle cr+lf (instead of just cr) in sshsig signature files
espie [Wed, 6 Sep 2023 22:28:50 +0000 (22:28 +0000)]
point GH_* to DIST_TUPLE for complicated stuff
remove description of MTREE_FILE that was removed a few years ago
espie [Wed, 6 Sep 2023 21:14:43 +0000 (21:14 +0000)]
ROACH_URL and ROACH_SITES, to help portroach figure out the new things.
dv [Wed, 6 Sep 2023 19:27:54 +0000 (19:27 +0000)]
Correct error message: vionet -> vioblk. No functional change.
dv [Wed, 6 Sep 2023 19:26:39 +0000 (19:26 +0000)]
vmd(8): clean up struct ioinfo.
In prep for fixing some vioblk device issues, simplify the ioinfo
struct by dropping members that aren't needed.
ok mlarkin@
schwarze [Wed, 6 Sep 2023 16:26:49 +0000 (16:26 +0000)]
Mark EVP_CIPHER_set_asn1_iv() and EVP_CIPHER_get_asn1_iv() as intentionally
undocumented because they are unused outside libcrypto according
to codesearch.debian.net and should probably not be public: they seem
hardly useful even for implementing custom EVP_CIPHER algorithms.
tb@ came to similar conclusions regarding these two functions.
schwarze [Wed, 6 Sep 2023 16:03:29 +0000 (16:03 +0000)]
minimal linting, no output change: .Ed with an argument;
stray .Pp before .It; new sentence, new line; trailing whitespace
job [Wed, 6 Sep 2023 15:53:07 +0000 (15:53 +0000)]
Initialize afi & safi to zero
OK tb@
tb [Wed, 6 Sep 2023 15:32:54 +0000 (15:32 +0000)]
Avoid use-of-uninitialized in i2r_IPAddrBlocks()
Reported by Viktor Szakats in
https://github.com/libressl/portable/issues/910
ok job
espie [Wed, 6 Sep 2023 15:02:51 +0000 (15:02 +0000)]
reflect new reality
jca [Wed, 6 Sep 2023 15:02:32 +0000 (15:02 +0000)]
Use casts to force two function pointers assignements and fix build with clang-16
"looks fine to me" robert@, ok kettenis@
caspar [Wed, 6 Sep 2023 13:33:46 +0000 (13:33 +0000)]
bsd.port.mk.5: fix markup of NO_ARCH variable
OK kn@ schwarze@
robert [Wed, 6 Sep 2023 12:45:19 +0000 (12:45 +0000)]
explicitly cast ULLONG_MAX to double when comparing to a double
ok krw@
schwarze [Wed, 6 Sep 2023 12:26:59 +0000 (12:26 +0000)]
Correct the RETURN VALUES of OBJ_add_object(3).
The text was misleading before and after the improvement
in obj_dat.c rev. 1.61. The way i'm fixing the documentation
here takes that improvement into account.
Also add a CAVEATS section about adding incomplete objects.
jca [Wed, 6 Sep 2023 12:15:30 +0000 (12:15 +0000)]
Use -std=gnu89 to fix the build with clang-16
This is ancient GNU software that tends to break whenever clang adds
more warnings about deprecated features in new languages versions or
turns them into errors. Using -std=gnu89 (the defaults for base-gcc)
for those packages means we'll probably avoid most new warnings, errors,
and possible miscompilations when updating clang.
ok robert@
jsg [Wed, 6 Sep 2023 12:08:54 +0000 (12:08 +0000)]
regen
espie [Wed, 6 Sep 2023 12:08:31 +0000 (12:08 +0000)]
be more specific in describing the magic behind EXTRACT_CASES
jsg [Wed, 6 Sep 2023 12:07:54 +0000 (12:07 +0000)]
add Intel Optane SSD P1600X
from Andreas Bartelt
jsg [Wed, 6 Sep 2023 11:53:56 +0000 (11:53 +0000)]
remove uneeded function decls
ok tb@
jca [Wed, 6 Sep 2023 11:49:11 +0000 (11:49 +0000)]
Build with -std=gnu89 to fix the build with clang-16
This is ancient GNU software that tends to break whenever clang adds
more warnings about deprecated features in new languages versions or
turns them into errors. Using -std=gnu89 (the defaults for base-gcc)
for those packages means we'll probably avoid most new warnings, errors,
and possible miscompilations when updating clang.
This fixes the build of libiberty and texinfo with clang-16.
ok robert@
espie [Wed, 6 Sep 2023 11:47:36 +0000 (11:47 +0000)]
nits
bluhm [Wed, 6 Sep 2023 11:09:43 +0000 (11:09 +0000)]
Use shared net lock for ip_send() and ip6_send().
When called with NULL options, ip_output() and ip6_output() are MP
safe. Convert exclusive to shared net lock in send dispatch.
OK mpi@
jsg [Wed, 6 Sep 2023 11:08:00 +0000 (11:08 +0000)]
use ansi function decls
jsg [Wed, 6 Sep 2023 11:03:30 +0000 (11:03 +0000)]
use ansi function decls
claudio [Wed, 6 Sep 2023 09:52:26 +0000 (09:52 +0000)]
Add missing <sys/time.h> include for timespecsub()
espie [Wed, 6 Sep 2023 09:50:45 +0000 (09:50 +0000)]
document ERRORS better
kettenis [Wed, 6 Sep 2023 09:12:49 +0000 (09:12 +0000)]
Remove -mabi=elfv2 option. This is the default for OpenBSD and clang 16
generates a (spurious) error about it in certain contexts. This is fixed
in later versions (see https://reviews.llvm.org/
D156351) but it is easier
to just drop the option.
ok miod@, jsg@
sthen [Wed, 6 Sep 2023 09:09:57 +0000 (09:09 +0000)]
remove doubled entry in config.h.in
sthen [Wed, 6 Sep 2023 09:08:58 +0000 (09:08 +0000)]
regen
sthen [Wed, 6 Sep 2023 09:08:30 +0000 (09:08 +0000)]
remove extra blank line to reduce changes to upstream in a locally-patched file
sthen [Wed, 6 Sep 2023 09:08:04 +0000 (09:08 +0000)]
whitespace fixes, problem with util/tube.c pointed out by jsg (probably
introduced by the diff/patch process I use to avoid stomping on the local
changes in updates)
jsg [Wed, 6 Sep 2023 05:54:07 +0000 (05:54 +0000)]
use ansi function decls
jsg [Wed, 6 Sep 2023 05:04:07 +0000 (05:04 +0000)]
remove unused variable
jsg [Wed, 6 Sep 2023 05:00:37 +0000 (05:00 +0000)]
remove unused variable
jsg [Wed, 6 Sep 2023 04:57:28 +0000 (04:57 +0000)]
add void to function decls with no args
jsg [Wed, 6 Sep 2023 03:51:20 +0000 (03:51 +0000)]
remove unused variable
dv [Wed, 6 Sep 2023 03:35:57 +0000 (03:35 +0000)]
vmm(4)/vmd(8): include pending interrupt in vm_run_parmams.
To remove an ioctl(2) from the vcpu thread hotpath in vmd(8), add
a flag in the vm_run_params structure to indicate if there's another
interrupt pending. This reduces latency in vcpu work related to
i/o as we save a trip into the kernel just to flip the interrupt
pending flag on or off.
Tested by phessler@, mbuhl@, stsp@, and Mischa Peters.
ok mlarkin@
jsg [Wed, 6 Sep 2023 03:17:32 +0000 (03:17 +0000)]
remove unused variable
cheloha [Wed, 6 Sep 2023 02:33:18 +0000 (02:33 +0000)]
clockintr: replace u_int with standard types
The clockintr code already uses uint64_t everywhere, so we may as well
be consistent: replace u_int with uint32_t everywhere it is trivial to
do so; leave the sysctl(2) hook and ddb(4) code alone for now.
Suggested by mpi@.
ok mpi@
cheloha [Wed, 6 Sep 2023 02:09:58 +0000 (02:09 +0000)]
clockintr: clockintr_establish: change first argument to a cpu_info pointer
All CPUs control a single clockintr_queue. clockintr_establish()
callers don't need to know about the underlying clockintr_queue.
Accepting a cpu_info pointer as argument simplifies the API.
From mpi@.
ok mpi@
jsg [Wed, 6 Sep 2023 01:47:36 +0000 (01:47 +0000)]
revert disabling warnings for zlib on clang >= 15
no longer needed with zlib 1.3
ok tb@
jsg [Tue, 5 Sep 2023 23:45:53 +0000 (23:45 +0000)]
DISNAME -> DISTNAME
schwarze [Tue, 5 Sep 2023 23:16:01 +0000 (23:16 +0000)]
According to the C11 standard, char32_t and char16_t are not part
of the C language but are part of the C library and have to be
declared in <uchar.h> - see paragraph 7.28.2.
In stark contrast, according to the C++11 standard, char32_t and char16_t
are part of the C++ language, namely, keywords - see paragraph 2.12.1.
Consequently, they must not be declared in a header file.
To resolve this vile contradiction, use the predefined macro __cplusplus
to find out which language is in use for the current compilation unit -
see C11 paragraph 6.10.8.3 and C++11 paragraph 16.8.1.
Reminded of the problem by naddy@.
OK naddy@ who tested in make build / make release.
Looks reasonable to millert@.
cheloha [Tue, 5 Sep 2023 22:41:14 +0000 (22:41 +0000)]
clockintr: remove clockintr_expiration()
With the introduction of clockintr_advance_random(), this interface is
now unused. Remove it.
Suggested by mpi@.
Thread: https://marc.info/?l=openbsd-tech&m=
169392340028978&w=2
ok mpi@ mlarkin@
cheloha [Tue, 5 Sep 2023 22:29:28 +0000 (22:29 +0000)]
clockintr: remove clockintr_nsecuptime()
With the introduction of clockintr_advance_random(), this interface is
now unused. Remove it.
Suggested by mpi@.
Thread: https://marc.info/?l=openbsd-tech&m=
169392340028978&w=2
ok mpi@ mlarkin@
cheloha [Tue, 5 Sep 2023 22:25:41 +0000 (22:25 +0000)]
clockintr: add clockintr_advance_random()
Add clockintr_advance_random(). Its sole purpose is to simplify the
implementation of statclock's pseudorandom period.
Ideally, nothing else will use it and we will get rid of it and the
pseudorandom statclock period at some point in the near future.
Suggested by mpi@.
Thread: https://marc.info/?l=openbsd-tech&m=
169392340028978&w=2
ok mpi@ mlarkin@
espie [Tue, 5 Sep 2023 16:20:30 +0000 (16:20 +0000)]
github.io is https
zap the dot so that dumb cut&paste works
jca [Tue, 5 Sep 2023 16:01:58 +0000 (16:01 +0000)]
Log a dummy "<unknown>" IP address in the unlikely event that genameinfo(3) fails
clang-16 warning reported by robert@, ok tb@ millert@
florian [Tue, 5 Sep 2023 15:46:22 +0000 (15:46 +0000)]
Fix indentation, found with -Wmisleading-indentation.
Already commited upstream.