schwarze [Sun, 20 Nov 2022 23:35:00 +0000 (23:35 +0000)]
Fix a surprising quirk in BN_GF2m_mod(3).
All other wrappers in the same file that use a temporary array of
degrees size that array dynamically, such that they are able to
handle reducing polynomials of arbitrary lengths. BN_GF2m_mod(3)
was the only one that used a static array of size 6 instead, limiting
it to trinomials and pentanomials and causing it to fail for longer
reducing polynomials.
Make this more uniform and less surprising by using exactly the
same code as in all the other wrappers, such that BN_GF2m_mod(3)
works with reducing polynomials of arbitrary length, too, just like
the others.
Again, tb@ points out this quirk is very unlikely to cause
vulnerabilities in practice because cryptographic applications do
not use longer reducing polynomials.
This patch is not expected to significantly impact performance
because the relevant caller, BN_GF2m_mod_div(3), already uses dynamic
allocation via BN_GF2m_mod_mul(3).
OK tb@
schwarze [Sun, 20 Nov 2022 22:23:43 +0000 (22:23 +0000)]
Fix an off-by-one bug in BN_GF2m_poly2arr(3).
If the last argument, the size of the output array, is too small to
contain all degrees present in the input polynomial plus one for the
terminating -1, the function is documented to return the size of the
output array that would be needed (in comments in the source code, in
the new manual page, and by the way how the function is used by other
functions in the same file). However, in case of overflow, the existing
code failed to include the element needed for the terminating -1 in the
return value, wrongly indicating success if everything but the -1 did
fit and reporting failure with a size that was still too small otherwise.
According to tb@, this is very unlikely to cause vulnerabilities in
practical applications because there is no real reason to pick a
reducing polynomial longer than a pentanomial, because all known
callers use either fixed size arrays of size 6 or dynamic allocation,
because use of GF(2^m) is rare in practice, and GF(2^m) with custom
reducing polynomials even more so.
OK tb@
kn [Sun, 20 Nov 2022 16:45:10 +0000 (16:45 +0000)]
Sync struct pfi_kif with reality
pfik_srcnodes and pfik_flagrefs members were added in sys/net/pfvar.h
r1.492 (jul 2019) and r1.505 (dec 2021), respectively.
deraadt [Sat, 19 Nov 2022 23:09:49 +0000 (23:09 +0000)]
correct alignment; from brad
kn [Sat, 19 Nov 2022 19:23:37 +0000 (19:23 +0000)]
fix vertical spacing in previous
cheloha [Sat, 19 Nov 2022 16:23:48 +0000 (16:23 +0000)]
mips64, loongson, octeon: switch to clockintr
- Remove mips64-specific clock interrupt scheduling bits from cpu_info.
- Add missing tick_nsec initialization to cpu_initclocks().
- Disable the glxclk interrupt clock on loongson. visa@/miod@ say it
can be removed later if it isn't useful for anything else.
- Wire up cp0_intrclock.
Notes:
- The loongson apm_suspend() changes are untested, but deraadt@ claims
APM suspend/resume on loongson doesn't work anyway.
- loongson and octeon now have a randomized statclock(), stathz = hz.
With input from miod@, visa@. Tested by miod@, visa@.
Link: https://marc.info/?l=openbsd-tech&m=166776379603497&w=2
ok visa@ mlarkin@
cheloha [Sat, 19 Nov 2022 16:02:37 +0000 (16:02 +0000)]
riscv64: switch to clockintr
- Remove riscv64-specific clock interrupt scheduling bits from
cpu_info.
- Remove riscv64-specific randomized statclock() bits from
riscv64/clock.c.
- Remove the 'stat_count' evcount. All clock interrupts are
now counted via the 'clock_count' evcount.
- Wire up timer_intrclock.
With input from jca@, kettenis@. Tested by jca@.
Link: https://marc.info/?l=openbsd-tech&m=166776413003655&w=2
ok kettenis@ jca@ mlarkin@
mvs [Sat, 19 Nov 2022 15:12:38 +0000 (15:12 +0000)]
Decrease netlock pressure in pppx(4).
Push netlock down to pppx_add_session(). The 'pppx_if' structure has
the `pxi_ready' member to prevent access to incomplete `pxi', so we
don't need to hold netlock during all initialisation process. This
removes potential PR_WAITOK/M_WAITOK allocations impact on packet
processing. Also this removes relock dances around if_attach() and
if_detach() calls.
Do not grab netlock for FIONREAD. mbuf(9) queue doesn't rely on it.
Do not grab netlock around pipex_ioctl() call. pipex(4) has its own
protection and doesn't rely on netlock. We need to unlink pipex(4)
session before destroy associated `pxi', it can't be killed
concurrently. Also this stops to block packet processing when npppd(8)
periodically does PIPEXGCLOSED ioctl(2) commands.
The dummy FIONBIO case doesn't require any lock to be held.
The netlock remains to be taken around pppx_del_session() and
pppx_set_session_descr() because pppx(4) data structures rely on it.
Tested by Hrvoje Popovski.
ok yasuoka@
kn [Sat, 19 Nov 2022 14:26:39 +0000 (14:26 +0000)]
Push kernel lock into pru_control() aka. in6_control() / in_control()
so->so_state is already read without kernel lock inside soo_ioctl()
which calls pru_control() aka in6_control() and in_control().
OK mvs
kn [Sat, 19 Nov 2022 14:01:51 +0000 (14:01 +0000)]
Prettify expired rules printing
"pfctl -s rules" omits expired rules but print newlines for them.
"pfctl -s rules -v" omits expired rules but print their stats.
Add the existing skip check to those two missing print logic places such
that expired rules won't cause any output at all, as expected, unless
debug ("-g") or more verbose ("-vv") mode are given, as documented.
OK sashan
tb [Sat, 19 Nov 2022 12:25:23 +0000 (12:25 +0000)]
Fix comment describing BN_mod_sqrt()
It was placed and formatted weirdly. Fix the title of the book referenced
and complete the reference's information.
tb [Sat, 19 Nov 2022 11:53:38 +0000 (11:53 +0000)]
Rework pkey_dsa_sign() and pkey_dsa_verify()
Since DSA_sign() and DSA_verify() ignore their type argument, don't bother
to determine it here. Check all size_t for overflow before passing them as
int arguments. Follow OpenSSL and add a check to see if the tbs blob's
length matches the one of the md, in case it is set on the EVP_PKEY_CTX.
Fix return value check of DSA_sign().
ok jsing
tb [Sat, 19 Nov 2022 11:48:24 +0000 (11:48 +0000)]
Rework DSA_sign() and DSA_verify()
Change DSA_sign() to single exit and check the signed i2d_DSA_SIG() return
value before assigning it to an unsigned int.
In DSA_verify() let d2i_DSA_SIG() handle the allocation, split error check
of i2d_DSA_SIG() from signature check and change an unnecessary freezero()
to free.
ok jsing
sthen [Sat, 19 Nov 2022 08:02:11 +0000 (08:02 +0000)]
Add O: to the getopt string for newfs in mount_mfs mode, allowing it to
optionally use FFS2 (stu@ ran into a problem when running some tests on
an MFS filesystem that involved future dates).
Correct the manual which said that FFS2 is the default, which isn't the
case for mount_mfs.
lgtm miod@
tb [Sat, 19 Nov 2022 07:29:29 +0000 (07:29 +0000)]
Fix an annoying quirk in the EC code
Dealing with elliptic curves makes some people think that it would be kind
of neat to multiply types with variable names. Sometimes. Only in function
definitions.
tb [Sat, 19 Nov 2022 07:00:57 +0000 (07:00 +0000)]
whitespace
tb [Sat, 19 Nov 2022 06:33:00 +0000 (06:33 +0000)]
Fix whitespace
tb [Sat, 19 Nov 2022 04:36:52 +0000 (04:36 +0000)]
Unindent and check some pointers explicitly against NULL
tb [Sat, 19 Nov 2022 04:32:49 +0000 (04:32 +0000)]
Remove HMAC PRIVATE KEY support
This is an undocumented feature of openssl genpkey for testing purposes.
Emilia removed support for this 'bogus private key format' from OpenSSL
in 2017 in commit
c26f655fdd18ac19016c1c0496105f5256a1e84d.
ok jsing
tb [Fri, 18 Nov 2022 20:03:36 +0000 (20:03 +0000)]
Check os for NULL before dereferencing it
Avoids a segfault when both priv == NULL and os == NULL.
ok miod
mbuhl [Fri, 18 Nov 2022 19:47:40 +0000 (19:47 +0000)]
In channel_request_remote_forwarding the parameters for permission_set_add
are leaked as they are also duplicated in the call.
Found by CodeChecker.
ok djm
florian [Fri, 18 Nov 2022 19:07:54 +0000 (19:07 +0000)]
Add four new SI prefixes.
This is resolution 3 "Sur l’extension de la liste des préfixes du SI",
passed by the 27th meeting of the Conférence générale des poids et
mesures.
OK deraadt, daniel, sthen
mbuhl [Fri, 18 Nov 2022 18:56:39 +0000 (18:56 +0000)]
Revert my last two changes.
If csa_bundled is set, exactly two csas exist and they point to
each other. Therefore childsa_free already sets the bundled csa
pointer to NULL and it shouldn't be done after calling childsa_free.
ok tobhe@
tb [Fri, 18 Nov 2022 18:32:14 +0000 (18:32 +0000)]
zap a stray semicolon
kn [Fri, 18 Nov 2022 18:11:10 +0000 (18:11 +0000)]
Improve "once" bits
- use imperative tense in the pf.conf(5) "once" part
- leave printing implementation details to pfctl(8)'s "-s rules" part
- use more markup
- debug mode also prints expired rules
OK jmc sashan
tb [Fri, 18 Nov 2022 15:10:51 +0000 (15:10 +0000)]
Include bytestring.h directly rather than pulling it in via asn1_locl.h
tb [Fri, 18 Nov 2022 15:01:04 +0000 (15:01 +0000)]
Wire up HMAC to raw private key methods
Obviously, the brilliant API design kitchen decided that an interface
carrying public and private key in its name (so that every sane person
thinks of asymmetric cryptography), is also perfectly suitable for MACs.
Wire up HMAC since Ruby's OpenSSL gem uses these bindings if the build
system detects that EVP_PKEY_new_raw_public_key() is available in evp.h.
While there, also add the missing pub_cmp() ameth, which obviously
treats two things as equal by returning 1.
Reported by jeremy and anton, fixes regress/lib/libssl/openssl-ruby tests
ok jsing
millert [Fri, 18 Nov 2022 14:52:03 +0000 (14:52 +0000)]
Write number of bytes read/written and "?" prompt to stdout, not stderr.
This matches both historical behavior and the POSIX specification.
From Soeren Tempel.
tb [Fri, 18 Nov 2022 14:45:10 +0000 (14:45 +0000)]
Change the pkey.ptr from char * to void *
Now that EVP_PKEY is opaque, there is no reason to keep the ptr member
of the pkey union as a weird char pointer, a void pointer will do. This
avoids a few stupid casts and simplifies an upcoming diff.
ok jsing
tb [Fri, 18 Nov 2022 14:38:34 +0000 (14:38 +0000)]
Move skiplist to main and merge with shortlist.
With/ok job
jmc [Fri, 18 Nov 2022 11:07:10 +0000 (11:07 +0000)]
zap errant space in usage();
claudio [Fri, 18 Nov 2022 10:26:04 +0000 (10:26 +0000)]
Add aspa-set config test.
claudio [Fri, 18 Nov 2022 10:17:23 +0000 (10:17 +0000)]
Add plumbing for ASPA support. This implements the parser and part of the
logic in the rtr process. It does not implement the new RTR messages yet
but it is possible to specify an aspa-set in the config. Also the validation
code in the RDE is missing so this does not do anything.
With this in it will be possible to extend rpki-client to publish an
aspa-set as part of the openbgpd config file.
OK tb@
tb [Fri, 18 Nov 2022 07:28:34 +0000 (07:28 +0000)]
group -> field
discussed with schwarze
tb [Fri, 18 Nov 2022 07:27:31 +0000 (07:27 +0000)]
polynominal -> polynomial
ok schwarze
anton [Fri, 18 Nov 2022 06:43:39 +0000 (06:43 +0000)]
cope with new getaddrinfo() error message
deraadt [Fri, 18 Nov 2022 05:58:56 +0000 (05:58 +0000)]
sync
deraadt [Fri, 18 Nov 2022 03:47:21 +0000 (03:47 +0000)]
mips64 code calls uvm_map_protect() directly, so needs to adapt:
stack growth from setrlimit was never updated to set UVM_ET_STACK on
the entries, so the check-sp-at-system-call check failed. Quite strange
it took this long to find this.
ok kettenis
schwarze [Fri, 18 Nov 2022 01:21:40 +0000 (01:21 +0000)]
new manual page BN_GF2m_add(3)
concerning arithmetic in Galois fields of power-of-2 order
deraadt [Thu, 17 Nov 2022 23:26:07 +0000 (23:26 +0000)]
With regret, place mutexes after struct vm_map fields which are inspected
by libkvm and procmap(8). struct mutex can change based upon kernel
compile options, and the fields were dancing around
ok kettenis
tb [Thu, 17 Nov 2022 22:45:48 +0000 (22:45 +0000)]
Avoid a few unnecessary contortions
Turns out that after ~40 years of practice I still can't do addition
with carry correctly :S
tb [Thu, 17 Nov 2022 21:19:43 +0000 (21:19 +0000)]
Use a fixed-size array for the message and simplify a few other curly
things.
job [Thu, 17 Nov 2022 20:51:39 +0000 (20:51 +0000)]
Schedule cleanup of '-r' now useless getopt option
OK tb@
job [Thu, 17 Nov 2022 20:49:38 +0000 (20:49 +0000)]
Add shortlist functionality, a compagnion to the skiplist
If the operator specifies the '-H' option once (or more) followed by a FQDN,
the utility will *only* connect to those hosts and skip all others.
OK claudio@ tb@
tb [Thu, 17 Nov 2022 19:07:52 +0000 (19:07 +0000)]
Add initial Wycheproof EdDSA test coverage
tb [Thu, 17 Nov 2022 19:06:35 +0000 (19:06 +0000)]
Add a regression test for curve25519.c r1.14
Generate random signatures of random messages and verify them. Then check
that the signature modified by adding the edwards25519 group order to the
upper half are rejected. This would not always be accepted without the
check in curve25519.c r1.14, but often enough that a few iterations suffice
to expose the missing check.
tb [Thu, 17 Nov 2022 19:01:59 +0000 (19:01 +0000)]
Prevent
Ed25519 signature malleability
Add a check that ensures that the upper half s of an
Ed25519 signature is
bounded by the group order, i.e, 0 <= s < order. This is required by the
Verify procedure in RFC 8032, section 5.1.7, step 1, and prevents simple
modifications of signatures such as adding (a multiple of) the group order
to the upper half of the signature.
Found with EdDSA testcase 63 of project Wycheproof.
ok beck jsing
deraadt [Thu, 17 Nov 2022 18:53:05 +0000 (18:53 +0000)]
stack growth from setrlimit was never updated to set UVM_ET_STACK on
the entries, so the check-sp-at-system-call check failed. Quite strange
it took this long to find this.
ok kettenis
mvs [Thu, 17 Nov 2022 18:05:43 +0000 (18:05 +0000)]
style(9) fix. No functional change.
florian [Thu, 17 Nov 2022 17:39:41 +0000 (17:39 +0000)]
Restrict what getaddrinfo(3) is willing to try to resolve.
Programs assume that a successful call to getaddrinfo(3) validates the
input as "safe", but that's not true. Characters like '$', '`', '\n'
or '*' can traverse the DNS without problems, but have special
meaning, for example a shell.
There is a function res_hnok() already in libc, but it validates if a
string is a host name, which is too strict in practice. For example
foo-.example.com is not a valid host name, but is used on the
Internet.
Posix has this to say:
"The getaddrinfo() function shall translate the name of a service
location (for example, a host name)"
It hints that the input should be a host name, but it does not
restrict it to it.
This introduces a function hnok_lenient() which restricts the input to
getaddrinfo(3) to the set [A-z0-9-_.]. Additionally two consecutive
dots ('.') are not allowed nor can the string start with - or '.'.
glibc introduced a similar restriction years ago, so this should not
cause problems.
It has been known in the DNS community for years, probably decades
that getaddrinfo(3) is too lenient what it accepts, but it has always
been kicked down the road as "not a DNS problem". Unfortunately this
information never made it out of the DNS community and no coordinated
effort happened to have this addressed in operating systems.
David Leadbeater recently demonstrated how ssh(1) and ftp(1) are too
trusting with what getaddrinfo(3) accepts. Both have been fixed
independently of this.
Input deraadt, eric
OK millert, deraadt
tobhe [Thu, 17 Nov 2022 13:30:21 +0000 (13:30 +0000)]
Add apple-boot firmware for Apple arm64 machines in fw_update(8) patterns.
The pattern matches the printed CPU_IMPL_APPLE name as in:
cpu0 at mainbus0 mpidr 0: Apple Icestorm Pro r2p0
cpu0 at mainbus0 mpidr 0: Apple Blizzard r1p0
ok deraadt@ afresh@ kettenis@
robert [Thu, 17 Nov 2022 12:24:02 +0000 (12:24 +0000)]
add .gnu.warning.SYMBOL support to ld.lld(1) to display the warnings in
these sections like ld.bfd(1)
e.g:
add.c(add.o:(add)): warning: sprintf() is often misused, please use snprintf()
add.c(add.o:(add)): warning: strcpy() is almost always misused, please use strlcpy()
add.c(add.o:(add)): warning: strcat() is almost always misused, please use strlcat()
ok deraadt@
dlg [Thu, 17 Nov 2022 01:30:57 +0000 (01:30 +0000)]
whitespace fixes. no functional change.
beck [Thu, 17 Nov 2022 00:42:12 +0000 (00:42 +0000)]
Revert "Check certificate extensions in trusted certificates"
There are some possible strange side effects noticed by the
openssl cms regress tests that I missed. Backing this out
until I untangle it
ok tb@
deraadt [Wed, 16 Nov 2022 18:48:50 +0000 (18:48 +0000)]
sync
florian [Wed, 16 Nov 2022 18:30:12 +0000 (18:30 +0000)]
tolower(3) guarantees to return its argument unchanged if it's not
uppercase.
While here use the correct idiom of casting to unsigned char.
OK millert, farewell to ultrix deraadt
schwarze [Wed, 16 Nov 2022 15:34:41 +0000 (15:34 +0000)]
mark BN_X931_derive_prime_ex, BN_X931_generate_prime_ex,
and BN_X931_generate_Xpq as intentionally undocumented because
they are unused outside OpenSSL/LibreSSL and deprecated in OpenSSL 3.0
schwarze [Wed, 16 Nov 2022 14:55:40 +0000 (14:55 +0000)]
expose the documentation of X509_STORE_CTX_verify_fn(3)
and X509_STORE_set_verify(3) and document X509_STORE_get_verify(3)
which tb@ all provided with x509_vfy.h revisions 1.48 and 1.49
schwarze [Wed, 16 Nov 2022 14:51:08 +0000 (14:51 +0000)]
document X509_STORE_CTX_verify_cb(3) and X509_STORE_get_verify_cb(3)
which tb@ provided with x509_vfy.h revisions 1.48 and 1.49
schwarze [Wed, 16 Nov 2022 14:19:22 +0000 (14:19 +0000)]
Mark BN_mod_exp2_mont() as intentionally undocumented.
It appears to be intended for internal use by DSA_do_verify(3) and using
codesearch.debian.net, i found nothing outside OpenSSL/LibreSSL using it.
In April 2018, jsing@ questioned whether the five related functions
BN_mod_exp_mont() and friends should even be exposed by <openssl/bn.h>,
so we decided to not document them. Now tb@ agrees that there is no
reason to document BN_mod_exp2_mont() as long as we don't want to
document BN_mod_exp_mont().
job [Wed, 16 Nov 2022 08:57:38 +0000 (08:57 +0000)]
Align output to a more tabular view
OK claudio@
tb [Wed, 16 Nov 2022 08:34:07 +0000 (08:34 +0000)]
Remove an outdated TODO
mvs [Tue, 15 Nov 2022 22:47:15 +0000 (22:47 +0000)]
style(9) fix. No functional change.
claudio [Tue, 15 Nov 2022 18:42:46 +0000 (18:42 +0000)]
Not assigning a link local address by default breaks various things.
A lot of code depends on a eui64 address to be present. So revert this
bit of the last commit.
OK florian@
schwarze [Tue, 15 Nov 2022 17:55:00 +0000 (17:55 +0000)]
document BN_mod_sqrt(3)
mvs [Tue, 15 Nov 2022 17:16:44 +0000 (17:16 +0000)]
Take `vmobjlock' around uao_grow() and uao_shrink() calls to fix tmpfs
panics [1].
1. https://marc.info/?l=openbsd-bugs&m=
165012301707403&w=2
from Leo Larnack <leo at pseven.xyz>
ok kn@ mpi@
sthen [Tue, 15 Nov 2022 10:44:06 +0000 (10:44 +0000)]
sync
kn [Mon, 14 Nov 2022 22:45:02 +0000 (22:45 +0000)]
Unlock SIOCGIFG{MEMB,ATTR,LIST}
The global interface group list is also protected by the net lock and all
access to it (all within if.c) take it accordingly.
Getting all
- members of a group (SIOCGIFGMEMB),
- attributes of a group (SIOCGIFGATTR),
- groups (SIOCGIFGLIST)
are each read-only operations on the global interface group `ifg_head'.
The global interface list `ifnetlist' or its per-interface group lists are
not used in these ioctls.
OK mvs
kn [Mon, 14 Nov 2022 22:07:30 +0000 (22:07 +0000)]
Unlock SIOCGIFCONF
As netintro(4) explains, this copies a bunch of data from the global
interface list as well as its per-interface address lists.
All of this is never written to by ifconf(), protected by the net lock
and documented as such in the struct comments already.
OK mvs
kn [Mon, 14 Nov 2022 22:06:25 +0000 (22:06 +0000)]
Document global interface group list locking
The per-interface group list is protected by the net lock and already
documented as such.
The global interface group list `ifg_head' is also protected by the net
lock and all access to it (all within if.c) take it accordingly.
Feedback OK mvs
sthen [Mon, 14 Nov 2022 21:09:32 +0000 (21:09 +0000)]
merge conflicts
sthen [Mon, 14 Nov 2022 21:07:49 +0000 (21:07 +0000)]
import NSD 4.6.1, ok florian@, thanks aoyama@ for checking autoconf C99 bits
schwarze [Mon, 14 Nov 2022 19:51:35 +0000 (19:51 +0000)]
document BN_kronecker(3)
schwarze [Mon, 14 Nov 2022 18:28:29 +0000 (18:28 +0000)]
document BN_reciprocal(3)
beck [Mon, 14 Nov 2022 17:48:49 +0000 (17:48 +0000)]
Hide public symbols in libcrypto/x509 .c files
ok tb@
visa [Mon, 14 Nov 2022 17:25:00 +0000 (17:25 +0000)]
Fix tag type and buffer limit in DT_TEXTREL lookup.
OK deraadt@ kettenis@
claudio [Mon, 14 Nov 2022 17:23:43 +0000 (17:23 +0000)]
With the commit to in6_ifattach mpe(4) now also works with IPv6
visa [Mon, 14 Nov 2022 17:15:41 +0000 (17:15 +0000)]
Add missing clock trigger to loongson_isa_splx().
Fixes unexpected delays that have occurred with mips64 clock(4).
claudio [Mon, 14 Nov 2022 17:12:55 +0000 (17:12 +0000)]
Relax the list of interfaces which support IPv6 a bit.
No longer require IFF_MULTICAST for all interfaces. It is save to skip
this for interfaces that don't require a ND cache. Also do not assign a
link-local address in such cases. This affects point-to-point interfaces
and the NBMA / point-to-multipoint interfaces like mpe(4), mgre(4) and wg(4).
The NBMA interfaces need some alternative way to figure out the address
mapping. In the end this allows non-multicast interfaces to work with IPv6.
OK dlg@ kn@
sthen [Mon, 14 Nov 2022 14:35:39 +0000 (14:35 +0000)]
fix swapped user/group introduced in sync-with-mount_tmpfs commit;
from Josiah Frentsos
deraadt [Mon, 14 Nov 2022 14:04:25 +0000 (14:04 +0000)]
make the EFI partition quite large, like on arm64 x13s, because newer x86
((Lenovo in particular) firmware updating methods do the same -- placing
a payload in there, so a small space won't do.
ok kettenis
kn [Mon, 14 Nov 2022 13:57:46 +0000 (13:57 +0000)]
Preserve original order of nameservers
RFC 2132 "DHCP Options and BOOTP Vendor Extensions"
3.8. Domain Name Server Option says
Servers SHOULD be listed in order of preference.
tcpdump(8), route(8) monitor and dhcpleasectl(8) -l athn0 show servers from
the DHCP OFFER in their original order, as expected.
resolvd(8) however sorts proposals by priority and IP address before writing
them to resolv.conf(5).
But as the system resolver tries this file's `nameserver' options in the
order appearance, sorting by IP breaks DHCP's intended order and thus may
result in the wrong nameserver being queried.
Sorting by IP is done to later remove duplicates from the file.
Sort by priority alone and ensure uniqueness by iterating over the list of
of proposals and zeroeing duplicates instead to preserve any proposal's
original order.
Spotted on a public wifi OFFERing two local IPs plus 8.8.8.8 in this order
which ended up with 8.8.8.8 being the first entry in my /etc/resolv.conf.
In other words, `route nameserver lo0 2.2.2.2 1.1.1.1 1.1.1.1' now yields
nameserver 2.2.2.2 # resolvd: lo0
nameserver 1.1.1.1 # resolvd: lo0
rather than
nameserver 1.1.1.1 # resolvd: lo0
nameserver 2.2.2.2 # resolvd: lo0
Feedback OK deraadt
deraadt [Mon, 14 Nov 2022 13:42:19 +0000 (13:42 +0000)]
Recognize PT_OPENBSD_MUTABLE with LLVM's readobj / objdump.
from brad
kn [Mon, 14 Nov 2022 13:39:37 +0000 (13:39 +0000)]
Check for offline chunks first, then check for keydisks
Like keydisks, offline data chunks also report a size of zero, so skipping
zero sized chunks before doing the offline check means not printing the
"softraid chunk N not online - skipping..." warning.
Restore order to make this warning appear on degraded volumes again.
deraadt [Mon, 14 Nov 2022 13:21:50 +0000 (13:21 +0000)]
Since the introduction of automatic immutable from the kernel, the munmap()
of ld.so boot.text region is now (silently) failing because the region is
contained within the text LOAD, which is immutable. So create a new btext
LOAD with flags PF_X|PF_R|PF_OPENBSD_MUTABLE, and place all boot.text objects
in there. This LOAD must also be page-aligned so it doesn't skip unmapping
some of the object region, previously it was hilariously unaligned.
ok kettenis and guenther seemed to like it also
This one is for powerpc64 and a modified version of the diff deraadt@ mailed
out to make sure the LOADs are in increasing address order.
this is the alpha version
deraadt [Mon, 14 Nov 2022 13:20:23 +0000 (13:20 +0000)]
Since the introduction of automatic immutable from the kernel, the munmap()
of ld.so boot.text region is now (silently) failing because the region is
contained within the text LOAD, which is immutable. So create a new btext
LOAD with flags PF_X|PF_R|PF_OPENBSD_MUTABLE, and place all boot.text objects
in there. This LOAD must also be page-aligned so it doesn't skip unmapping
some of the object region, previously it was hilariously unaligned.
ok kettenis and guenther seemed to like it also
This one is for powerpc64 and a modified version of the diff deraadt@ mailed
out to make sure the LOADs are in increasing address order.
this is the i386 version
deraadt [Mon, 14 Nov 2022 13:13:19 +0000 (13:13 +0000)]
Since the introduction of automatic immutable from the kernel, the munmap()
of ld.so boot.text region is now (silently) failing because the region is
contained within the text LOAD, which is immutable. So create a new btext
LOAD with flags PF_X|PF_R|PF_OPENBSD_MUTABLE, and place all boot.text objects
in there. This LOAD must also be page-aligned so it doesn't skip unmapping
some of the object region, previously it was hilariously unaligned.
ok kettenis and guenther seemed to like it also
This one is for powerpc64 and a modified version of the diff deraadt@ mailed
out to make sure the LOADs are in increasing address order.
this is the version for sparc64, tested by pascal also
deraadt [Mon, 14 Nov 2022 13:12:59 +0000 (13:12 +0000)]
Since the introduction of automatic immutable from the kernel, the munmap()
of ld.so boot.text region is now (silently) failing because the region is
contained within the text LOAD, which is immutable. So create a new btext
LOAD with flags PF_X|PF_R|PF_OPENBSD_MUTABLE, and place all boot.text objects
in there. This LOAD must also be page-aligned so it doesn't skip unmapping
some of the object region, previously it was hilariously unaligned.
ok kettenis and guenther seemed to like it also
This one is for powerpc64 and a modified version of the diff deraadt@ mailed
out to make sure the LOADs are in increasing address order.
this is the version for powerpc, tested by pascal
kettenis [Mon, 14 Nov 2022 11:11:17 +0000 (11:11 +0000)]
Turns out the power button on the Mac mini and the touchid button on the
various Macbook models generate different events. So rename the existing
constant for a "short press" of the touchid button and add support for the
power button on the Mac mini such that is can be resumed.
ok tobhe@, patrick@
jmc [Mon, 14 Nov 2022 09:56:09 +0000 (09:56 +0000)]
- show -R with -s in options list
- show -t with -T in options list
- sort the -T commands
- small text/formatting tweaks
ok sthen
ok kn on an earlier version
kn [Mon, 14 Nov 2022 09:34:51 +0000 (09:34 +0000)]
Document arm64 as supporting RAID 1C boot
Now that installboot(8) -p is softraid(4) aware, fresh arm64 installations
actually boot out of the box without manual intervention, as expected.
miod [Mon, 14 Nov 2022 07:22:44 +0000 (07:22 +0000)]
When the fdt does not provide a list of brightness states, pwmbl(4)
builds a 256 state ramp (i.e. state[i] = i with 0 <= i < 256).
Change the logic to not need to malloc an array of values in this case,
since they are trivially known.
test&ok patrick@
deraadt [Mon, 14 Nov 2022 00:16:44 +0000 (00:16 +0000)]
include sys/device.h, on some architectures this gets pulled in, but others
(like sparc64) require it explicitly
tb [Sun, 13 Nov 2022 23:38:42 +0000 (23:38 +0000)]
Fix comment style
schwarze [Sun, 13 Nov 2022 22:11:44 +0000 (22:11 +0000)]
Various improvements; joint work with beck@:
1. Explain up front what "ASN1_TIME" is (suggested by beck@, wording by me).
2. For opaque structs, use the generic term "object",
like we already do it in many other LibreSSL manual pages.
3. Drop some redundant phrases.
4. Improve the EXAMPLES section (by beck@, with fixes by me).
6. Add a STANDARDS section.
...and some other minor polishing.
OK beck@
mbuhl [Sun, 13 Nov 2022 21:19:40 +0000 (21:19 +0000)]
Make sure csa->csa_bundled is NULL after freeing to prevent a
possible use after free.
ok tobhe@
florian [Sun, 13 Nov 2022 18:40:45 +0000 (18:40 +0000)]
Sync config.h, we have
ed25519 support now.
beck [Sun, 13 Nov 2022 18:37:32 +0000 (18:37 +0000)]
Check certificate extensions in trusted certificates.
Historically the standards let the implementation decide to
either check or ignore the certificate properties of trust anchors.
You could either use them simply as a source of a public key which
was trusted for everything, or you were also permitted to check the
certificate properties and fully enforce them. Hooray for freedumb.
OpenSSL changed to checking these with :
commit
0daccd4dc1f1ac62181738a91714f35472e50f3c
Author: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Thu Jan 28 03:01:45 2016 -0500
BoringSSL currently does not check them, as it also inherited
the previous OpenSSL behaviour. It will change to check them in
the future.
(https://bugs.chromium.org/p/boringssl/issues/detail?id=533)
jca [Sun, 13 Nov 2022 16:14:06 +0000 (16:14 +0000)]
Sync data and instruction cache before entering an executable page
Adapted from kettenis' fix for arm64/pmap.c. Since we haven't been able
to reliably reproduce the clang crashes that affect base and ports, it
not yet known whether riscv64 was badly affected by this misordering.
Time will tell. ok kettenis@
mvs [Sun, 13 Nov 2022 16:01:32 +0000 (16:01 +0000)]
Split out handlers for SOCK_DGRAM unix(4) sockets from SOCK_STREAM and
SOCK_SEQPACKET. Introduce `uipc_dgram_usrreqs' to store pointers for
dgram specific handlers.
The dgram pru_shutdown and pru_send handlers were splitted to
uipc_dgram_shutdown() and uipc_dgram_send(). The pru_accept, pru_rcvd
and pru_abort handlers are not required for dgram sockets.
The unp_disconnect() remains shared between all unix(4) sockets because
it called from common paths too.
Proposed by and ok guenther@