openbsd
3 years agoUse $SUDO when reading sshd's pidfile here too.
dtucker [Thu, 10 Jun 2021 09:46:28 +0000 (09:46 +0000)]
Use $SUDO when reading sshd's pidfile here too.

3 years agoUse $SUDO when reading sshd's pidfile in case it was created with a very
dtucker [Thu, 10 Jun 2021 09:43:51 +0000 (09:43 +0000)]
Use $SUDO when reading sshd's pidfile in case it was created with a very
restrictive umask.  This resyncs with -portable.

3 years agoSet umask when creating hostkeys to prevent excessive permissions warning.
dtucker [Thu, 10 Jun 2021 09:37:59 +0000 (09:37 +0000)]
Set umask when creating hostkeys to prevent excessive permissions warning.

3 years agoDo not clear region based on current cursor position, this is not
nicm [Thu, 10 Jun 2021 07:59:31 +0000 (07:59 +0000)]
Do not clear region based on current cursor position, this is not
necessary anymore and causes problems, GitHub issue 2735.

3 years agoFeature for the mouse since FreeBSD termcap does not have kmous.
nicm [Thu, 10 Jun 2021 07:59:08 +0000 (07:59 +0000)]
Feature for the mouse since FreeBSD termcap does not have kmous.

3 years agoFix rectangle selection, from Anindya Mukherjee, GitHub issue 2709.
nicm [Thu, 10 Jun 2021 07:58:42 +0000 (07:58 +0000)]
Fix rectangle selection, from Anindya Mukherjee, GitHub issue 2709.

3 years agoBump FORMAT_LOOOP_LIMIT and add a log message when hit, GitHub issue 2715.
nicm [Thu, 10 Jun 2021 07:58:08 +0000 (07:58 +0000)]
Bump FORMAT_LOOOP_LIMIT and add a log message when hit, GitHub issue 2715.

3 years agoFix <= operator.
nicm [Thu, 10 Jun 2021 07:57:06 +0000 (07:57 +0000)]
Fix <= operator.

3 years agoMore accurate vi(1) word navigation in copy mode and on the status line.
nicm [Thu, 10 Jun 2021 07:56:47 +0000 (07:56 +0000)]
More accurate vi(1) word navigation in copy mode and on the status line.
This changes the meaning of the word-separators option - setting it to
the empty string is equivalent to the previous behavior. From Will Noble
in GitHub issue 2693.

3 years agoDo not use NULL client when source-file finishes, GitHub issue 2707.
nicm [Thu, 10 Jun 2021 07:53:19 +0000 (07:53 +0000)]
Do not use NULL client when source-file finishes, GitHub issue 2707.

3 years agoAdd -F for command-prompt and use it to fix "Rename" on the window menu,
nicm [Thu, 10 Jun 2021 07:52:56 +0000 (07:52 +0000)]
Add -F for command-prompt and use it to fix "Rename" on the window menu,
GitHub issue 2699.

3 years agoDo not expand the file given with -f so it can contain :s.
nicm [Thu, 10 Jun 2021 07:52:29 +0000 (07:52 +0000)]
Do not expand the file given with -f so it can contain :s.

3 years agoRemove old shift function keys which interfere with xterm keys now.
nicm [Thu, 10 Jun 2021 07:52:07 +0000 (07:52 +0000)]
Remove old shift function keys which interfere with xterm keys now.
GitHub issue 2696.

3 years agoFire check callback after cleaning up event so it does not get stuck,
nicm [Thu, 10 Jun 2021 07:51:43 +0000 (07:51 +0000)]
Fire check callback after cleaning up event so it does not get stuck,
from Jeongho Jang in GitHub issue 2695.

3 years agoAdd different command historys for different types of prompts
nicm [Thu, 10 Jun 2021 07:50:03 +0000 (07:50 +0000)]
Add different command historys for different types of prompts
("command", "search" etc). From Anindya Mukherjee.

3 years agoFix warnings, from Jan Tache in GitHub issue 2692.
nicm [Thu, 10 Jun 2021 07:45:43 +0000 (07:45 +0000)]
Fix warnings, from Jan Tache in GitHub issue 2692.

3 years agoImprove logging of screen mode changes.
nicm [Thu, 10 Jun 2021 07:43:44 +0000 (07:43 +0000)]
Improve logging of screen mode changes.

3 years agoMove "special" keys into the Unicode PUA rather than making them top bit
nicm [Thu, 10 Jun 2021 07:38:28 +0000 (07:38 +0000)]
Move "special" keys into the Unicode PUA rather than making them top bit
set, some compilers do not allow enums that are larger than int. GitHub
issue 2673.

3 years agoChange cursor style handling so tmux understands which sequences contain
nicm [Thu, 10 Jun 2021 07:36:47 +0000 (07:36 +0000)]
Change cursor style handling so tmux understands which sequences contain
blinking and sets the flag appropriately, means that it works whether
cnorm disables blinking or not. GitHub issue 2682.

3 years agoChange resize timers and flags into one timer and a queue which is
nicm [Thu, 10 Jun 2021 07:33:41 +0000 (07:33 +0000)]
Change resize timers and flags into one timer and a queue which is
simpler and fixes problems with vim when resized multiple times. GitHub
issue 2677.

3 years agoDo not count client (and crash) if no window.
nicm [Thu, 10 Jun 2021 07:29:45 +0000 (07:29 +0000)]
Do not count client (and crash) if no window.

3 years agoThree changes to fix problems with xterm in VT340 mode, reported by
nicm [Thu, 10 Jun 2021 07:28:45 +0000 (07:28 +0000)]
Three changes to fix problems with xterm in VT340 mode, reported by
Thomas Sattler.

1) Do not include the DECSLRM or DECFRA features for xterm; they will be
   added instead if secondary DA responds as VT420 (this happens
   already).

2) Set or reset the individual flags after terminal-overrides is
   applied, so the user can properly disable them.

3) Add a capability for DECFRA ("Rect").

3 years agoInclude current client in size calculation for new sessions, GitHub
nicm [Thu, 10 Jun 2021 07:24:45 +0000 (07:24 +0000)]
Include current client in size calculation for new sessions, GitHub
issue 2662.

3 years agoAdd an "always" value to the extended-keys option to always forward
nicm [Thu, 10 Jun 2021 07:24:10 +0000 (07:24 +0000)]
Add an "always" value to the extended-keys option to always forward
these keys to applications inside tmux.

3 years agoback-to-indentation fixes, from Anindya Mukherjee.
nicm [Thu, 10 Jun 2021 07:22:37 +0000 (07:22 +0000)]
back-to-indentation fixes, from Anindya Mukherjee.

3 years agoFix display-menu -xR, from Alexis Hildebrandt.
nicm [Thu, 10 Jun 2021 07:22:06 +0000 (07:22 +0000)]
Fix display-menu -xR, from Alexis Hildebrandt.

3 years agoAdjust latest client when a client detaches, GitHub issue 2657.
nicm [Thu, 10 Jun 2021 07:21:46 +0000 (07:21 +0000)]
Adjust latest client when a client detaches, GitHub issue 2657.

3 years agoAdd another couple of keys needed for extended keys, GitHub issue 2658.
nicm [Thu, 10 Jun 2021 07:21:09 +0000 (07:21 +0000)]
Add another couple of keys needed for extended keys, GitHub issue 2658.

Handle modifier 9 as Meta, GitHub issue 2647.

3 years agoAdd Spleen 12x24 and 16x32 on amd64's RAMDISK_CD and arm64 RAMDISK kernels.
fcambus [Thu, 10 Jun 2021 06:54:42 +0000 (06:54 +0000)]
Add Spleen 12x24 and 16x32 on amd64's RAMDISK_CD and arm64 RAMDISK kernels.

The size of kernel fonts in RAMDISKs had long been a problem on systems
with large screen resolutions booting via EFI, as previously only the 8x16
font was built into RAMDISKs. As those systems are becoming more common,
this should make the installation and update process more comfortable.

OK deraadt@, jcs@

3 years agoBump pkg-config version to 1.8.0 to match portable package version
ratchov [Thu, 10 Jun 2021 05:02:50 +0000 (05:02 +0000)]
Bump pkg-config version to 1.8.0 to match portable package version

Suggested by brad@

3 years agorecognise Cortex-A510, Cortex-A710 and Cortex-X2
jsg [Thu, 10 Jun 2021 04:49:48 +0000 (04:49 +0000)]
recognise Cortex-A510, Cortex-A710 and Cortex-X2

3 years agoAdd regress test for SIGHUP restart while handling active and
dtucker [Thu, 10 Jun 2021 03:45:31 +0000 (03:45 +0000)]
Add regress test for SIGHUP restart while handling active and
unauthenticated clients.  Should catch anything similar to the
pselect bug just fixed in sshd.c.

3 years agoContinue accept loop when pselect returns -1, eg if it was interrupted
dtucker [Thu, 10 Jun 2021 03:14:14 +0000 (03:14 +0000)]
Continue accept loop when pselect returns -1, eg if it was interrupted
by a signal.  This should prevent the hang discovered by sthen@ wherein
sshd receives a SIGHUP while it has an unauthenticated child and goes
on to a blocking read on a notify_pipe.  feedback deraadt@, ok djm@

3 years agoRemove pledgenames() from OpenBSD::Pledge perl module
afresh1 [Wed, 9 Jun 2021 23:21:34 +0000 (23:21 +0000)]
Remove pledgenames() from OpenBSD::Pledge perl module

Pointed out by deraadt@, this is not what that that incomplete table is for.
While the code has been there for several years, I haven't found a use for it,
which is good because it would have been wrong.

While here, update my name.

3 years agoEnable MSI-X support for powerpc64.
kettenis [Wed, 9 Jun 2021 19:46:33 +0000 (19:46 +0000)]
Enable MSI-X support for powerpc64.

ok patrick@

3 years agoEnable libexecinfo.
mortimer [Wed, 9 Jun 2021 19:44:55 +0000 (19:44 +0000)]
Enable libexecinfo.

With some build plumbing help from jsg@

ok kettenis@ sthen@

3 years agoEnable libexecinfo regress.
mortimer [Wed, 9 Jun 2021 19:42:46 +0000 (19:42 +0000)]
Enable libexecinfo regress.

3 years agoAdd regress test for libexecinfo.
mortimer [Wed, 9 Jun 2021 19:39:15 +0000 (19:39 +0000)]
Add regress test for libexecinfo.

ok kettenis@ sthen@

3 years agoAdd libexecinfo.
mortimer [Wed, 9 Jun 2021 19:37:43 +0000 (19:37 +0000)]
Add libexecinfo.

Based on NetBSD implementation, without the libelf dependency. Architectures
which have libunwind use libunwind, and others use a stub implementation
that does nothing since __builtin methods are unreliable.

Much feedback and help from jca@.

ok kettenis@ sthen@

3 years agounveil: small cleanup for UNVEIL_INSPECT
semarie [Wed, 9 Jun 2021 17:52:47 +0000 (17:52 +0000)]
unveil: small cleanup for UNVEIL_INSPECT

remove two leftover checks which were used when ni_unveil was used with UNVEIL_INSPECT.

it was used by:
- readlink(2) - removed 2019-08-31
- stat(2) and access(2) - removed 2019-03-24

ok claudio@

3 years agowhitespace tweak. no functional change.
dlg [Wed, 9 Jun 2021 03:24:54 +0000 (03:24 +0000)]
whitespace tweak. no functional change.

3 years agodon't fatally error on failing to map visible VRAM
jsg [Wed, 9 Jun 2021 02:56:45 +0000 (02:56 +0000)]
don't fatally error on failing to map visible VRAM

Mapping VRAM here is an optimisation only attempted on 64 bit archs,
there is a fallback path if it fails.

Reported and fix tested by Jerome Kasper on RX 5500 XT (Navi 14) who
mentioned the mapping error did not occur with 6.9-stable.

3 years agocleanup printf pattern to remove double 0x when printing pointer
dv [Tue, 8 Jun 2021 23:18:43 +0000 (23:18 +0000)]
cleanup printf pattern to remove double 0x when printing pointer

mlarkin: "sure"

3 years agotest that UserKnownHostsFile correctly accepts multiple arguments;
djm [Tue, 8 Jun 2021 22:30:27 +0000 (22:30 +0000)]
test that UserKnownHostsFile correctly accepts multiple arguments;
would have caught readconf.c r1.356 regression

3 years agofix regression in r1.356: for ssh_config options that accepted
djm [Tue, 8 Jun 2021 22:06:12 +0000 (22:06 +0000)]
fix regression in r1.356: for ssh_config options that accepted
multiple string arguments, ssh was only recording the first.
Reported by Lucas via bugs@

3 years agoSimplify tlsext_ecpf_parse()
tb [Tue, 8 Jun 2021 19:34:44 +0000 (19:34 +0000)]
Simplify tlsext_ecpf_parse()

The default alert in the tlsext parsing code is a decode_error, so
there's no need for an error path that only sets that alert.

suggested by/ok jsing

3 years agoRewrap a comment to avoid an overlong line
tb [Tue, 8 Jun 2021 18:13:50 +0000 (18:13 +0000)]
Rewrap a comment to avoid an overlong line

3 years agoIgnore the record version for early alerts
tb [Tue, 8 Jun 2021 18:05:47 +0000 (18:05 +0000)]
Ignore the record version for early alerts

On receiving the first flight from the peer, we do not yet know if
we are using TLSv1.3. In particular, we might get an alert record
with record version 0x0300 from a pre-TLSv1.2 peer in response to
our client hello. Ignore the record version instead of sending a
protocol version alert in that situtation. This may also be hit
when talking to a LibreSSL 3.3 server with an illegal SNI.

Part of an issue reported by danj.

ok jsing

3 years agoTLSv1.3 server: avoid sending alerts in legacy records
tb [Tue, 8 Jun 2021 17:41:52 +0000 (17:41 +0000)]
TLSv1.3 server: avoid sending alerts in legacy records

As soon as we know that we're dealing with a TLSv1.3 client, set
the legacy version in the record layer to 0x0303 so that we send
alerts with the correct record version.  Previously we would send
early alerts with a record version of 0x0300.

ok jsing

3 years agoAdjust alert for ECPF without uncompressed point format
tb [Tue, 8 Jun 2021 17:22:00 +0000 (17:22 +0000)]
Adjust alert for ECPF without uncompressed point format

According to RFC 8422, we must send an illegal_parameter alert on
receiving an ECPF extension that doesn't include the uncompressed
format, not a decode_error.

Reported via GitHub issue #675.

ok jsing

3 years agovmd(8): malicious dhcp packets on local ifs can cause stack overflows
dv [Tue, 8 Jun 2021 14:37:48 +0000 (14:37 +0000)]
vmd(8): malicious dhcp packets on local ifs can cause stack overflows

A sufficiently large dhcp packet can cause a stack overflow in vmd's
internal dhcp server used for providing ip addresses to local guest
interfaces. (This does not affect non-local interfaces.)

The primary changes drop larger packets and change the memory copying
logic to use a compile-time constant. The dhcp option processing
also additional prevention for out of bound reads.

While here, improve construction of the dhcp response's hostname
handling to guard against overflowing the response dhcp options.

Vulnerability reported by Maxime Villard.

ok claudio@

3 years agoFix pkg-config .pc files with LibreSSL
inoguchi [Tue, 8 Jun 2021 11:19:39 +0000 (11:19 +0000)]
Fix pkg-config .pc files with LibreSSL

In libssl.pc, Libs: should not have '-lcrypto', and Requires.private:
should have it as 'libcrypto'.
openssl.pc does not need Libs: and Cflags:, but should have Requires:.

OK millert@

3 years agotest argv_split() optional termination on comments
djm [Tue, 8 Jun 2021 07:40:12 +0000 (07:40 +0000)]
test argv_split() optional termination on comments

3 years agoswitch sshd_config parsing to argv_split()
djm [Tue, 8 Jun 2021 07:09:42 +0000 (07:09 +0000)]
switch sshd_config parsing to argv_split()

similar to the previous commit, this switches sshd_config parsing to
the newer tokeniser. Config parsing will be a little stricter wrt
quote correctness and directives appearing without arguments.

feedback and ok markus@

tested in snaps for the last five or so days - thanks Theo and those who
caught bugs

3 years agoSwitch ssh_config parsing to use argv_split()
djm [Tue, 8 Jun 2021 07:07:15 +0000 (07:07 +0000)]
Switch ssh_config parsing to use argv_split()

This fixes a couple of problems with the previous tokeniser,
strdelim()

1. strdelim() is permissive wrt accepting '=' characters. This is
   intended to allow it to tokenise "Option=value" but because it
   cannot keep state, it will incorrectly split "Opt=val=val2".
2. strdelim() has rudimentry handling of quoted strings, but it
   is incomplete and inconsistent. E.g. it doesn't handle escaped
   quotes inside a quoted string.
3. It has no support for stopping on a (unquoted) comment. Because
   of this readconf.c r1.343 added chopping of lines at '#', but
   this caused a regression because these characters may legitimately
   appear inside quoted strings.

The new tokeniser is stricter is a number of cases, including #1 above
but previously it was also possible for some directives to appear
without arguments. AFAIK these were nonsensical in all cases, and the
new tokeniser refuses to accept them.

The new code handles quotes much better, permitting quoted space as
well as escaped closing quotes. Finally, comment handling should be
fixed - the tokeniser will terminate only on unquoted # characters.

feedback & ok markus@

tested in snaps for the last five or so days - thanks Theo and those who
caught bugs

3 years agoAdd testcases from bz#3319 for IPQoS and TunnelDevice being overridden
dtucker [Tue, 8 Jun 2021 07:05:27 +0000 (07:05 +0000)]
Add testcases from bz#3319 for IPQoS and TunnelDevice being overridden
on the command line.

3 years agoCheck if IPQoS or TunnelDevice are already set before overriding.
dtucker [Tue, 8 Jun 2021 07:02:46 +0000 (07:02 +0000)]
Check if IPQoS or TunnelDevice are already set before overriding.
Prevents values in config files from overriding values supplied on
the command line.  bz#3319, ok markus.

3 years agoAllow argv_split() to optionally terminate tokenisation when it
djm [Tue, 8 Jun 2021 06:54:40 +0000 (06:54 +0000)]
Allow argv_split() to optionally terminate tokenisation when it
encounters an unquoted comment.

Add some additional utility function for working with argument
vectors, since we'll be switching to using them to parse
ssh/sshd_config shortly.

ok markus@ as part of a larger diff; tested in snaps

3 years agosprinkle some "# comment" at end of configuration lines to test
djm [Tue, 8 Jun 2021 06:52:43 +0000 (06:52 +0000)]
sprinkle some "# comment" at end of configuration lines to test
comment handling

3 years agomore descriptive failure message
djm [Tue, 8 Jun 2021 06:51:47 +0000 (06:51 +0000)]
more descriptive failure message

3 years agoReplace hand rolled memory allocation in efid_io() with
krw [Tue, 8 Jun 2021 02:45:49 +0000 (02:45 +0000)]
Replace hand rolled memory allocation in efid_io() with
BS->AllocatePages() and BS->FreePages() as in all the other
efid_io() versions.

Don't leak the pages on success.

Bump boot version to 3.59.

ok yasuoka@

3 years agoReplace all uses of 'EFI_CALL(func, params)' with
krw [Mon, 7 Jun 2021 21:18:31 +0000 (21:18 +0000)]
Replace all uses of 'EFI_CALL(func, params)' with
the expansion 'func(params)'.

Allows upcoming removal of eficall.h.

Tested & ok patrick@

3 years agoAdd HTTPS URL for LACNIC TA
job [Mon, 7 Jun 2021 18:44:27 +0000 (18:44 +0000)]
Add HTTPS URL for LACNIC TA

OK deraadt@ claudio@

3 years agovmm(4): add dt tracepoints for guest entry/exit
dv [Mon, 7 Jun 2021 13:55:54 +0000 (13:55 +0000)]
vmm(4): add dt tracepoints for guest entry/exit

To aid in development and debugging, this adds a tracepoint prior
to vm entry and after vm exit. It captures the vcpu and run params
plus the exit code, but dt(4)/btrace(8) will need some future work
to leverage those args.

The location of the tracepoint might change in the future, but for
now this solves my issues trying to use printf's to debug vmcs state
corruption.

ok mpi@

3 years ago"intrisic" -> "intrinsic" in a couple of comments.
krw [Mon, 7 Jun 2021 13:38:58 +0000 (13:38 +0000)]
"intrisic" -> "intrinsic" in a couple of comments.

3 years agobtrace(8): add "cpu" to long conversion
dv [Mon, 7 Jun 2021 12:55:19 +0000 (12:55 +0000)]
btrace(8): add "cpu" to long conversion

Special values need to be translated to longs for use with functions
like hist/lhist. Add "cpu" to conversion list.

ok mpi@

3 years agotweak previous: avoid markup and refer to an HTTP header only by its
tb [Mon, 7 Jun 2021 10:53:59 +0000 (10:53 +0000)]
tweak previous: avoid markup and refer to an HTTP header only by its
name as is done elsewhere on this page.

pointed out by jmc

3 years agoKill SS_ASYNC and only check SB_ASYNC when async signals are wanted.
mpi [Mon, 7 Jun 2021 09:10:32 +0000 (09:10 +0000)]
Kill SS_ASYNC and only check SB_ASYNC when async signals are wanted.

This socket flag was redundant with the socket buffer one.

ok mvs@

3 years agoChanging the default from (W)hole disk to (E)dit MBR wasn't enough to prevent
kettenis [Mon, 7 Jun 2021 07:38:55 +0000 (07:38 +0000)]
Changing the default from (W)hole disk to (E)dit MBR wasn't enough to prevent
folks from shooting themselves in the foot.  Make sure (W) can't be used
if an "APFS ISC" is found on the disk.  This is the most essential
partition that is required for Apple M1 machines to boot.

ok krw@, deraadt@

3 years agofix debug message when finding a private key to match a certificate
djm [Mon, 7 Jun 2021 03:38:38 +0000 (03:38 +0000)]
fix debug message when finding a private key to match a certificate
being attempted for user authentication. Previously it would print
the certificate's path, whereas it was supposed to be showing the
private key's path. Patch from Alex Sherwin via GHPR247

3 years agotest AuthenticationMethods inside a Match block as well as in
djm [Mon, 7 Jun 2021 01:16:34 +0000 (01:16 +0000)]
test AuthenticationMethods inside a Match block as well as in
the main config section

3 years agoReplace all uses of 'EFI_CALL(func, params)' with
krw [Mon, 7 Jun 2021 00:04:20 +0000 (00:04 +0000)]
Replace all uses of 'EFI_CALL(func, params)' with
the expansion 'func(params)'.

Allows upcoming removal of eficall.h.

3 years agoprepare for stricter sshd_config parsing that will refuse a config
djm [Mon, 7 Jun 2021 00:00:50 +0000 (00:00 +0000)]
prepare for stricter sshd_config parsing that will refuse a config
that has {Allow,Deny}{Users,Groups} on a line with no subsequent
arguments. Such lines are permitted but are nonsensical noops ATM

3 years agoReplace all uses of 'EFI_CALL(func, params)' with
krw [Sun, 6 Jun 2021 23:56:55 +0000 (23:56 +0000)]
Replace all uses of 'EFI_CALL(func, params)' with
the expansion 'func(params)'.

Allows upcoming removal of eficall.h.

Tested & ok naddy@

3 years agoTest must build also when started with make regress. Use consistent
bluhm [Sun, 6 Jun 2021 22:53:06 +0000 (22:53 +0000)]
Test must build also when started with make regress.  Use consistent
variable names in make file.

3 years agoappease mandoc -Tlint
tb [Sun, 6 Jun 2021 22:00:35 +0000 (22:00 +0000)]
appease mandoc -Tlint

3 years agoAdd .Pp for consistency with all other config blocks.
tb [Sun, 6 Jun 2021 21:59:20 +0000 (21:59 +0000)]
Add .Pp for consistency with all other config blocks.

3 years agoUse installboot(8) on arm64 ramdisks like we do for amd64.
kettenis [Sun, 6 Jun 2021 18:58:14 +0000 (18:58 +0000)]
Use installboot(8) on arm64 ramdisks like we do for amd64.

ok krw@

3 years agoMatch host certificates against host public keys, not private keys.
djm [Sun, 6 Jun 2021 11:34:16 +0000 (11:34 +0000)]
Match host certificates against host public keys, not private keys.
Allows use of certificates with private keys held in a ssh-agent.
Reported by Miles Zhou in bz3524; ok dtucker@

3 years agoAdd firmware selection for BRCM_CC_43241_CHIP_ID (0x4324).
aoyama [Sun, 6 Jun 2021 10:48:30 +0000 (10:48 +0000)]
Add firmware selection for BRCM_CC_43241_CHIP_ID (0x4324).

According to NetBSD, this chip uses one of three firmwares depending
on its revision, but all of them are already included in the
bwfm-firmware package, so we can load one of them.

ok patrick@ sthen@

3 years agoClient-side workaround for a bug in OpenSSH 7.4: this release allows
djm [Sun, 6 Jun 2021 03:40:39 +0000 (03:40 +0000)]
Client-side workaround for a bug in OpenSSH 7.4: this release allows
RSA/SHA2 signatures for public key authentication but fails to advertise
this correctly via SSH2_MSG_EXT_INFO. This causes clients of these
server to incorrectly match PubkeyAcceptedAlgorithms and potentially
refuse to offer valid keys.

Reported by and based on patch from Gordon Messmer via bz3213, thanks
also for additional analysis by Jakub Jelen. ok dtucker

3 years agodegrade gracefully if a sftp-server offers the limits@openssh.com
djm [Sun, 6 Jun 2021 03:17:02 +0000 (03:17 +0000)]
degrade gracefully if a sftp-server offers the limits@openssh.com
extension but fails when the client tries to invoke it.
Reported by Hector Martin via bz3318

3 years agothe limits@openssh.com extension was incorrectly marked as an
djm [Sun, 6 Jun 2021 03:15:39 +0000 (03:15 +0000)]
the limits@openssh.com extension was incorrectly marked as an
operation that writes to the filesystem, which made it unavailable
in sftp-server read-only mode. Spotted by Hector Martin via bz3318

3 years agoPROTOCOL.certkeys: update reference from IETF draft to RFC
naddy [Sat, 5 Jun 2021 13:47:00 +0000 (13:47 +0000)]
PROTOCOL.certkeys: update reference from IETF draft to RFC

Also fix some typos.
ok djm@

3 years agothis file includes sys/param.h, so does not need to redefine PAGE_MASK
deraadt [Sat, 5 Jun 2021 13:32:52 +0000 (13:32 +0000)]
this file includes sys/param.h, so does not need to redefine PAGE_MASK

3 years agoRemove now unused eficall.S.
krw [Fri, 4 Jun 2021 15:19:38 +0000 (15:19 +0000)]
Remove now unused eficall.S.

prodded by jsg@

3 years agounbreak regress/libexec/ld.so/nodelete test
semarie [Fri, 4 Jun 2021 10:01:49 +0000 (10:01 +0000)]
unbreak regress/libexec/ld.so/nodelete test

pointed by bluhm@

3 years agoregen
mvs [Fri, 4 Jun 2021 09:06:09 +0000 (09:06 +0000)]
regen

3 years agoUnlock connect(2). Again.
mvs [Fri, 4 Jun 2021 09:05:19 +0000 (09:05 +0000)]
Unlock connect(2). Again.

ok mpi@

3 years agoavoid a use after free in a path taken if malloc M_NOWAIT fails
jsg [Fri, 4 Jun 2021 07:29:54 +0000 (07:29 +0000)]
avoid a use after free in a path taken if malloc M_NOWAIT fails

3 years agoThe RB_GENERATE_STATIC(3) macro expands to a series of function
djm [Fri, 4 Jun 2021 06:19:07 +0000 (06:19 +0000)]
The RB_GENERATE_STATIC(3) macro expands to a series of function
definitions and not a statement, so there should be no semicolon
following them. Patch from Michael Forney

3 years agorework authorized_keys example section, removing irrelevant stuff,
djm [Fri, 4 Jun 2021 05:59:18 +0000 (05:59 +0000)]
rework authorized_keys example section, removing irrelevant stuff,
de-wrapping the example lines and better aligning the examples with
common usage and FAQs; ok jmc

3 years agoadjust SetEnv description to clarify $TERM handling
djm [Fri, 4 Jun 2021 05:10:03 +0000 (05:10 +0000)]
adjust SetEnv description to clarify $TERM handling

3 years agoSwitch the listening select loop from select() to pselect() and
dtucker [Fri, 4 Jun 2021 05:09:08 +0000 (05:09 +0000)]
Switch the listening select loop from select() to pselect() and
mask signals while checking signal flags, umasking for pselect and
restoring afterwards. Also restore signals before sighup_restart
so they don't remain blocked after restart.

This prevents a race where a SIGTERM or SIGHUP can arrive between
checking the flag and calling select (eg if sshd is processing a
new connection) resulting in sshd not shutting down until the next
time it receives a new connection.  bz#2158, with & ok djm@

3 years agoallow ssh_config SetEnv to override $TERM, which is otherwise handled
djm [Fri, 4 Jun 2021 05:02:40 +0000 (05:02 +0000)]
allow ssh_config SetEnv to override $TERM, which is otherwise handled
specially by the protocol. Useful in ~/.ssh/config to set TERM to
something generic (e.g. "xterm" instead of "xterm-256color") for
destinations that lack terminfo entries. feedback and ok dtucker@

3 years agocorrect extension name "no-presence-required" => "no-touch-required"
djm [Fri, 4 Jun 2021 04:02:21 +0000 (04:02 +0000)]
correct extension name "no-presence-required" => "no-touch-required"

document "verify-required" option

3 years agodisable ppgtt on cherryview/braswell
jsg [Fri, 4 Jun 2021 01:52:21 +0000 (01:52 +0000)]
disable ppgtt on cherryview/braswell

With ppgtt enabled the contents of struct gen6_ppgtt are overwritten
leading to unexpected values for vma pointer such as 0 and 1.

Multiple people have reported problems with 6.9 on cherryview/braswell
with traces along the lines of

uvm_fault(0xffffffff8214ea68, 0xb8, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at      i915_ggtt_pin+0x29:     movq    0xb8(%rdi),%r12
i915_ggtt_pin(0,10000,20) at i915_ggtt_pin+0x29
gen6_ppgtt_pin(ffff800000cb9400) at gen6_ppgtt_pin+0x7c
__intel_context_do_pin(fffffd817dc8ad80) at __intel_context_do_pin+0xca
intel_engines_init(ffff800000104c38) at intel_engines_init+0x4b5
intel_gt_init(ffff800000104c38) at intel_gt_init+0x130
i915_gem_init(ffff800000100000) at i915_gem_init+0xa3
i915_driver_probe(ffff800000100000,ffffffff81fc6e90) at i915_driver_probe+0x7ed

The "use drm_mm from linux 5.7.y" commit made last October is
implicated in the change in behaviour but does not itself have any
cherryview/braswell specific changes. There is at least one report on
misc@ which suggests this occurred in some situations with 6.8 which
lacks that change.

Thanks to the people who reported this in particular Matthias Pressfreund
who tested many patches.

3 years agomachine/cpu.h requires a pre-include of sys/time.h
deraadt [Fri, 4 Jun 2021 00:29:15 +0000 (00:29 +0000)]
machine/cpu.h requires a pre-include of sys/time.h

3 years agoyasuoka@ pointed out that amd64 clang now understands
krw [Fri, 4 Jun 2021 00:09:34 +0000 (00:09 +0000)]
yasuoka@ pointed out that amd64 clang now understands
'__attribute((ms_abi))', removing the need for the EFI_CALL
abstraction.

Nuke the amd64 EFI_CALL dance from all copies of eficall.h,
remove eficall.S from the build.

ok kettenis@ yasuoka@

3 years agoImplement multicast support in mvpp(4) to make IPv6 work. With this
patrick [Thu, 3 Jun 2021 21:42:23 +0000 (21:42 +0000)]
Implement multicast support in mvpp(4) to make IPv6 work.  With this
change it's also not necessary to remember the old lladdr, since the
old one will be purged automatically prior to installing the current
set of multicast addresses.

Complaint filed by matthieu@