tb [Mon, 13 Dec 2021 17:58:41 +0000 (17:58 +0000)]
Remove the last internal use of d2i_ASN1_BOOLEAN.
From Stephen Henson, OpenSSL
564df0dd
ok jsing
jsing [Mon, 13 Dec 2021 17:56:15 +0000 (17:56 +0000)]
Clean up d2i_ASN1_BOOLEAN() and i2d_ASN1_BOOLEAN().
Convert these to templated ASN.1, given we already have ASN1_BOOLEAN_it.
ok inoguchi@ tb@
schwarze [Mon, 13 Dec 2021 17:55:53 +0000 (17:55 +0000)]
this file doesn't use anything from <stdio.h>;
in particular, NULL is also in <stdlib.h> according to the C99 standard;
"free commit" tb@
jsing [Mon, 13 Dec 2021 17:50:24 +0000 (17:50 +0000)]
Convert asn1_d2i_ex_primitive()/asn1_collect() from BUF_MEM to CBB.
With this we get simpler code, overflow checking and more sensible
memory ownership. Also switch the free_cont case to freezero() since this
could contain secrets.
ok inoguchi@ tb@
tobhe [Mon, 13 Dec 2021 17:35:34 +0000 (17:35 +0000)]
Cleanup libcrypto memory management. Remove redundant NULL checks
before calling *_free() functions. Use 'get0' functions where it
makes sense to avoid some frees.
Feedback and ok tb@
schwarze [Mon, 13 Dec 2021 17:24:39 +0000 (17:24 +0000)]
new manual page SMIME_write_ASN1(3);
still vague in various respects, but it's a start
deraadt [Mon, 13 Dec 2021 16:56:48 +0000 (16:56 +0000)]
remove a couple hundred sys/param.h includes in userland code, and
also whack some sys/cdefs.h early includes which is such a brutally
bad pattern
ok bluhm mbuhl
deraadt [Mon, 13 Dec 2021 16:37:37 +0000 (16:37 +0000)]
acct(4) ac_tty shouldn't need NODEV from sys/param.h (which is kernel API),
-1 is sufficient to indicate the process had no controlling tty, removing
one more sys/param.h include in our userland
ok millert
florian [Mon, 13 Dec 2021 16:12:10 +0000 (16:12 +0000)]
Only generate a new xid on state change.
When we first request a lease (INIT or REBOOTING state) we run with
very short timeouts. If the dhcp server is slow to respond we already
have a new xid and ignore the server's response. This goes on until we
increase the timeout high enough. If we just stick to an xid this will
not happen and we accept "late" responses.
RFC 2131 has:
Selecting a new 'xid' for each retransmission is an implementation
decision. A client may choose to reuse the same 'xid' or select a new
'xid' for each retransmitted message.
Problem seen by phessler on german train wifi.
OK phessler
visa [Mon, 13 Dec 2021 14:56:55 +0000 (14:56 +0000)]
Revise EVFILT_EXCEPT filters
Restrict the circumstances where EVFILT_EXCEPT filters trigger:
* when out-of-band data is present and NOTE_OOB is requested.
* when the channel is fully closed and consumer is poll(2).
This should clarify the logic and suppress events that kqueue-based
poll(2) does not except.
OK mpi@
visa [Mon, 13 Dec 2021 14:54:22 +0000 (14:54 +0000)]
Prevent kevent(2) use of EVFILT_EXCEPT with FIFOs and pipes
Currently, the only intended direct usage of the EVFILT_EXCEPT filter
is with NOTE_OOB to detect out-of-band data in ptys and sockets.
NOTE_OOB does not apply to FIFOs or pipes. Prevent the user from
registering the filter with these file types. The filter code is for
the kernel's internal use.
OK mpi@
bluhm [Mon, 13 Dec 2021 14:30:16 +0000 (14:30 +0000)]
nd6_dad_ns_input() could trigger a NULL deref in nd6_dad_duplicated().
It checks dp in two of three places. One check got lost in revision
1.83. Do a dp == NULL once at the beginning.
OK jsg@
Reported-by: syzbot+88c0ce914a0b10b7e1c8@syzkaller.appspotmail.com
schwarze [Mon, 13 Dec 2021 14:06:17 +0000 (14:06 +0000)]
Catch integer overflow rather than silently truncating while
parsing MASK: strings in ASN1_STRING_set_default_mask_asc(3).
Issue noticed by tb@, patch by me, two additional #include lines from tb@.
OK tb@.
visa [Mon, 13 Dec 2021 13:57:48 +0000 (13:57 +0000)]
Handle multi-port controllers in uslcom(4)
A multi-port CP210x device presents each COM port as a separate USB
virtual COM port interface. When attaching uslcom(4), take the USB
interface from the attach arguments instead of using interface 0.
This lets the driver access the different ports of a quad-port CP2108.
Tested with a single-port CP2102 by jsg@
OK jsg@ deraadt@
schwarze [Mon, 13 Dec 2021 13:46:09 +0000 (13:46 +0000)]
new manual pages i2d_ASN1_bio_stream(3) and SMIME_crlf_copy(3)
jca [Mon, 13 Dec 2021 13:30:39 +0000 (13:30 +0000)]
Let dnsproc pass multiple addresses to netproc
The loop was exited prematurely because of a stray break statement.
In case of a failure to connect to the first address returned by
getaddrinfo(3), acme-client can now try to connect using another address
or address family if available.
ok florian@
florian [Mon, 13 Dec 2021 11:03:23 +0000 (11:03 +0000)]
Treat xid as a uint32_t in network byte order on the wire.
Internally this doesn't matter since we only care about equality.
This makes logging output comparable to tcpdump(8).
Pointed out by joel@
OK claudio
florian [Mon, 13 Dec 2021 11:02:26 +0000 (11:02 +0000)]
Replace struct member assignment with struct assignment to make the
code more compact. No binary change.
OK claudio
nicm [Mon, 13 Dec 2021 09:42:20 +0000 (09:42 +0000)]
Make pane-border-format a pane option, GitHub issue 2999.
jsg [Sun, 12 Dec 2021 22:54:35 +0000 (22:54 +0000)]
remove unused variable to fix build with llvm 13
ok jca@ naddy@
tb [Sun, 12 Dec 2021 21:35:46 +0000 (21:35 +0000)]
Annotate the structs that will be moved to hmac_local.h and evp_locl.h
in an upcoming bump. This omits EVP_AEAD_CTX which will be dealt with
separately. EVP_CIPHER_INFO internals are still publicly visible in
OpenSSL, so it won't be moved.
Move typedefs for HMAC_CTX and EVP_ENCODE_CTX to ossl_typ.h. These
typedefs will be visible by files including only hmac.h or evp.h since
hmac.h includes evp.h and evp.h includes ossl_typ.h.
ok inoguchi
tb [Sun, 12 Dec 2021 21:30:13 +0000 (21:30 +0000)]
Include evp_locl.h where it will be needed once most structs from
evp.h will be moved to evp_locl.h in an upcoming bump.
ok inoguchi
tb [Sun, 12 Dec 2021 21:27:37 +0000 (21:27 +0000)]
Add a mostly empty hmac_local.h. HMAC_CTX and a few other things
from hmac.h will be moved there in an umpcoming bump. Include this
file where it will be needed.
ok inoguchi
tb [Sun, 12 Dec 2021 21:23:47 +0000 (21:23 +0000)]
Add -I${LIBCRYPTO_SRC}/hmac to CFLAGS. Needed in an upcoming commit.
ok inoguchi
tb [Sun, 12 Dec 2021 21:21:58 +0000 (21:21 +0000)]
Add header guards to evp_locl.h.
ok inoguchi
bluhm [Sun, 12 Dec 2021 21:16:53 +0000 (21:16 +0000)]
Replace deprecated IO::Socket::INET6 with IO::Socket::IP.
tb [Sun, 12 Dec 2021 20:42:37 +0000 (20:42 +0000)]
Convert req.c to compile with opaque EVP_MD_CTX.
ok inoguchi
tb [Sun, 12 Dec 2021 20:40:25 +0000 (20:40 +0000)]
Convert passwd.c to opaque EVP_MD_CTX and add a bit of error checking.
tweak/ok inoguchi
tb [Sun, 12 Dec 2021 20:35:40 +0000 (20:35 +0000)]
Make speed.c compile with opaque EVP_CIPHER, EVP_MD and HMAC_CTX.
ok inoguchi
tb [Sun, 12 Dec 2021 20:34:04 +0000 (20:34 +0000)]
A few more simplifications using get0_pubkey instead of get_pubkey + free.
tb [Sun, 12 Dec 2021 20:29:15 +0000 (20:29 +0000)]
Simplify x509.c slightly by using X509_get0_pubkey() instead of
X509_get_pubkey()
ok inoguchi
tb [Sun, 12 Dec 2021 20:28:02 +0000 (20:28 +0000)]
Make x509.c compile with opaque EVP_PKEY.
ok inoguchi
tb [Sun, 12 Dec 2021 20:22:59 +0000 (20:22 +0000)]
Use correct spelling of NULL
ok inoguchi
tb [Sun, 12 Dec 2021 20:22:08 +0000 (20:22 +0000)]
Make ts.c compile with opaque EVP_MD_CTX.
ok inoguchi
schwarze [Sun, 12 Dec 2021 20:16:36 +0000 (20:16 +0000)]
document the ub_* constants
schwarze [Sun, 12 Dec 2021 18:15:43 +0000 (18:15 +0000)]
typo
schwarze [Sun, 12 Dec 2021 17:31:18 +0000 (17:31 +0000)]
New manual page providing a rudimentary description of BIO_new_NDEF(3).
The API surrounding this is so complicated and streaming is so rarely
used in practice that describing this in more detail is not a priority
right now. The documentation of the wrapper BIO_new_CMS(3) is also
rather vague, and BIO_new_PKCS7() isn't described at all so far.
tb [Sun, 12 Dec 2021 14:27:20 +0000 (14:27 +0000)]
Rewrite X509_ALGOR_set_md() without reaching into EVP_MD.
ok inoguchi schwarze
bluhm [Sun, 12 Dec 2021 10:56:49 +0000 (10:56 +0000)]
Replace deprecated IO::Socket::INET6 with IO::Socket::IP.
visa [Sun, 12 Dec 2021 09:17:17 +0000 (09:17 +0000)]
Use vnode parameter instead of vfinddev() in mfs_strategy()
Getting the mfs device vnode through vfinddev() is more complex than
necessary. Also, the indirection is not robust.
OK mpi@
visa [Sun, 12 Dec 2021 09:14:58 +0000 (09:14 +0000)]
Add vnode parameter to VOP_STRATEGY()
Pass the device vnode as a parameter to VOP_STRATEGY() to allow calling
the correct vop_strategy callback. Now the vnode is also available
in the callback.
OK mpi@
schwarze [Sat, 11 Dec 2021 22:58:48 +0000 (22:58 +0000)]
Merge two bugfixes in ASN1_STRING_TABLE_add(3) and ASN1_STRING_TABLE_get(3)
from the OpenSSL 1.1.1 branch, which is still under a free license,
mostly this commit:
commit
d35c0ff30b31be9fd5dcf3d552a16feb8de464bc
Author: Dr. Stephen Henson <steve@openssl.org>
Date: Fri Oct 19 15:06:31 2012 +0000
fix ASN1_STRING_TABLE_add so it can override existing string table values
This fixes a segfault in ASN1_STRING_TABLE_add(3), which tried to change a
static const entry when called with an nid already in the default table,
and it switches the precedence of the two tables in ASN1_STRING_TABLE_get(3).
In addition, it changes behaviour in the following minor ways:
* Ignore negative minsize and maxsize arguments, not just -1.
* Ignore a zero mask and zero flags.
It's unclear whether these additional changes make the API absolutely
better, but we want compatibility with OpenSSL in these functions.
Tweaks & OK tb@.
schwarze [Sat, 11 Dec 2021 22:34:36 +0000 (22:34 +0000)]
Merge the deletion of <ctype.h>, which isn't used here,
and some style improvements from the OpenSSL 1.1.1 branch,
which is still under a free license.
No functional change.
OK and additional tweaks tb@.
kettenis [Sat, 11 Dec 2021 20:36:26 +0000 (20:36 +0000)]
Change compatible string to something that makes more sense.
naddy [Sat, 11 Dec 2021 20:11:17 +0000 (20:11 +0000)]
remove unused variable to fix build with llvm 13; ok jca@
krw [Sat, 11 Dec 2021 20:09:28 +0000 (20:09 +0000)]
Start the default OpenBSD partition either immediately following
any boot partition specified via '-b' or /usr/mdec/mbr; at the
power of 2 block after the first track; or immediately following
the MBR if there is only one track.
Mark any non-EFISYS boot partition created by -b as DOSACTIVE.
Suggested by kettenis@, better than a separate new option.
Brings -b behaviour into line with many uses of -e to create boot
partitions, allowing for the eventual elimination of said -e uses
in the creation of the various boot media and in the install
scripts.
kettenis [Sat, 11 Dec 2021 20:07:27 +0000 (20:07 +0000)]
Add support for interrupts represented by ACPI PCI Interrupt Link Devices.
This makes PCI interrupts work on QEMU's SBSA target.
ok patrick@
kettenis [Sat, 11 Dec 2021 20:04:37 +0000 (20:04 +0000)]
Thanks to the reverse engineering efforts by Hector Martin, we now know
that we can controll the CS# pin directly from the SPI controller itself.
Add support for this as future device trees will probably use this mode
instead of explicitly specifying a "cs-gpios" property.
ok patrick@
kettenis [Sat, 11 Dec 2021 19:45:05 +0000 (19:45 +0000)]
Attach apldart(4) early.
schwarze [Sat, 11 Dec 2021 18:51:25 +0000 (18:51 +0000)]
document STABLE_NO_MASK and STABLE_FLAGS_MALLOC,
mention which argument values can be used to not change the respective fields,
and tweak a few additional wordings
jmc [Sat, 11 Dec 2021 17:25:10 +0000 (17:25 +0000)]
two more "the the" fixes;
bluhm [Sat, 11 Dec 2021 16:33:46 +0000 (16:33 +0000)]
Protect the write access to the TDB flags field with a mutex per
TDB. Clearing the timeout flags just before pool put in tdb_free()
does not make sense. Move this to tdb_delete(). While there make
the parentheses in the flag check consistent.
tested by Hrvoje Popovski; OK tobhe@
tb [Sat, 11 Dec 2021 13:34:38 +0000 (13:34 +0000)]
doubled word; from Leon Fischer
visa [Sat, 11 Dec 2021 09:28:26 +0000 (09:28 +0000)]
Clarify usage of __EV_POLL and __EV_SELECT
Make __EV_POLL specific to kqueue-based poll(2), to remove overlap
with __EV_SELECT that only select(2) uses.
OK millert@ mpi@
anton [Sat, 11 Dec 2021 07:38:03 +0000 (07:38 +0000)]
Stop passing __FILE__ and __LINE__ to various libcrypto functions. The arguments
are unused in the end anyway and occupies needless space, especially in ftp(1)
shipped with the ramdisk.
ok tb@
schwarze [Fri, 10 Dec 2021 17:26:54 +0000 (17:26 +0000)]
fix a copy-and-paste error;
from Richard Ulmer <... rulmer at mailbox dot org>
schwarze [Fri, 10 Dec 2021 16:58:20 +0000 (16:58 +0000)]
explain how X509_NAME_ENTRY_set_data(3) uses MBSTRING_FLAG
schwarze [Fri, 10 Dec 2021 16:19:52 +0000 (16:19 +0000)]
document the following constants:
B_ASN1_DIRECTORYSTRING, B_ASN1_PRINTABLE, B_ASN1_DISPLAYTEXT, B_ASN1_TIME,
DIRSTRING_TYPE, PKCS9STRING_TYPE
krw [Fri, 10 Dec 2021 13:17:09 +0000 (13:17 +0000)]
Update the *.ok files to reflect the slightly larger
last partition the latest fdisk allows.
Spotted, fix tested and ok anton@
nicm [Fri, 10 Dec 2021 12:51:11 +0000 (12:51 +0000)]
Missed unlinked control notifications, GitHub issue 2996.
nicm [Fri, 10 Dec 2021 12:45:32 +0000 (12:45 +0000)]
Mention XParseColor(3) for the cursor colour escape sequence.
nicm [Fri, 10 Dec 2021 12:42:37 +0000 (12:42 +0000)]
Add a NOBLOCK flag rather than adding amount to wait for when
dealing with potentially-long sequences. GitHub issue 3001.
guenther [Fri, 10 Dec 2021 05:34:42 +0000 (05:34 +0000)]
Revert "kbind(2): disable system call if not initialized before
first __tfork(2)"
The immediate issue is that a process linked with -znow will still
perform lazy relocation on objects loaded with dlopen(), but there
are possibly other dark corners to plumb to find a better invariant.
Problem reported by thfr@
mvs [Fri, 10 Dec 2021 00:50:18 +0000 (00:50 +0000)]
Move 'unconacc' test to regress/sys/kern/unixsockets/ directory.
mvs [Fri, 10 Dec 2021 00:33:25 +0000 (00:33 +0000)]
Move 'undgram_conclose' test to regress/sys/kern/unixsockets directory.
mvs [Thu, 9 Dec 2021 23:37:17 +0000 (23:37 +0000)]
Move 'unsendrecvthr' test to regress/sys/kern/unixsockets directory.
mvs [Thu, 9 Dec 2021 23:26:48 +0000 (23:26 +0000)]
Move 'unfdpassfail' test to regress/sys/kern/unixsockets/ directory.
jmc [Thu, 9 Dec 2021 21:09:51 +0000 (21:09 +0000)]
imrove the description of lesskey; based on a diff from richard ulmer
ok deraadt schwarze
kettenis [Thu, 9 Dec 2021 20:47:27 +0000 (20:47 +0000)]
Make the clockpad work in "raw" mode.
ok patrick@
patrick [Thu, 9 Dec 2021 20:21:35 +0000 (20:21 +0000)]
Broken ACPI tables containing scopes that are larger than their outer shell
are caught by our ACPI parser. Unfortunately in such cases our reaction was
to start parsing AML somewhere outside our current scope. The intention was
to clamp down the inner scope to the maximum of the outer one. So, rectify it.
This issue has shown up in EDK2's QEMU SBSA target, where the SSDT table was
generated incorrectly. Surprisingly neither Linux nor ACPICA's iASL noticed
that the table was broken.
ok kettenis@ millert@
guenther [Thu, 9 Dec 2021 19:33:53 +0000 (19:33 +0000)]
Fix cpuid leaf clamping to let through cpuid(0x15) when we have an
invariant TSC and report that correctly in the guest's cpuid(0).eax
prompted by debug messages in report from Josh Grosse (josh(at)jggimi.net)
ok mlarkin@
schwarze [Thu, 9 Dec 2021 19:05:09 +0000 (19:05 +0000)]
document V_ASN1_SEQUENCE and V_ASN1_SET
schwarze [Thu, 9 Dec 2021 19:03:14 +0000 (19:03 +0000)]
document V_ASN1_BOOLEAN
schwarze [Thu, 9 Dec 2021 19:01:52 +0000 (19:01 +0000)]
improve the documentation of V_ASN1_APP_CHOOSE
schwarze [Thu, 9 Dec 2021 19:00:00 +0000 (19:00 +0000)]
Mention V_ASN1_PRIMITIVE_TAG and V_ASN1_EOC.
Seeing the symbolic names in addition to the magic numbers
makes it esier to understand the text.
schwarze [Thu, 9 Dec 2021 18:52:09 +0000 (18:52 +0000)]
add the missing STANDARDS section
schwarze [Thu, 9 Dec 2021 18:50:26 +0000 (18:50 +0000)]
Document V_ASN1_ANY.
While here, tweak some wordings a bit to make it less likely that
readers confuse the type held by an ASN1_TYPE object with the type
of the ASN1_TYPE object itself, which is always V_ASN1_ANY.
schwarze [Thu, 9 Dec 2021 18:45:45 +0000 (18:45 +0000)]
document V_ASN1_NEG
schwarze [Thu, 9 Dec 2021 18:43:50 +0000 (18:43 +0000)]
document V_ASN1_OBJECT
schwarze [Thu, 9 Dec 2021 18:42:35 +0000 (18:42 +0000)]
document V_ASN1_NULL
schwarze [Thu, 9 Dec 2021 18:33:34 +0000 (18:33 +0000)]
fix a typo in an .Xr argument
tb [Thu, 9 Dec 2021 17:54:41 +0000 (17:54 +0000)]
Convert t1_enc.c to opaque EVP_MD_CTX.
ok inoguchi jsing
tb [Thu, 9 Dec 2021 17:53:29 +0000 (17:53 +0000)]
Convert ssl_srvr.c to opaque EVP_MD_CTX.
ok inoguchi jsing
tb [Thu, 9 Dec 2021 17:50:48 +0000 (17:50 +0000)]
Convert ssl_clnt.c to opaque EVP_MD_CTX
ok inoguchi jsing
tb [Thu, 9 Dec 2021 17:45:49 +0000 (17:45 +0000)]
Convert s3_cbc.c to opaque EVP_MD_CTX.
ok inoguchi jsing
mvs [Thu, 9 Dec 2021 17:44:53 +0000 (17:44 +0000)]
Remove old 'ungc' test
mvs [Thu, 9 Dec 2021 17:42:59 +0000 (17:42 +0000)]
Commit 'ungc.c'
mvs [Thu, 9 Dec 2021 17:41:51 +0000 (17:41 +0000)]
Move 'ungc' test to regress/sys/kern/unixsockets
mvs [Thu, 9 Dec 2021 17:25:54 +0000 (17:25 +0000)]
Add sys/kern/unixsockets directory to contain all unix(4) sockets tests.
Add 'undgram_selfconn' test to check unix(4) socket connecting to itself.
Discussed and ok visa@ bluhm@
deraadt [Thu, 9 Dec 2021 17:22:49 +0000 (17:22 +0000)]
sync
jsing [Thu, 9 Dec 2021 17:01:41 +0000 (17:01 +0000)]
Inline collect_data() in asn1_collect().
While here stop assigning a size_t to an int without bounds checks.
ok inoguchi@ tb@
jsing [Thu, 9 Dec 2021 16:58:44 +0000 (16:58 +0000)]
Pull the recursion depth check up to the top of asn1_collect()
ok inoguchi@ tb@
jsing [Thu, 9 Dec 2021 16:56:15 +0000 (16:56 +0000)]
Remove handling of a NULL BUF_MEM from asn1_collect()
asn1_collect() (and hence collect_data()) is never called without
a BUF_MEM - the only caller that passed NULL was removed in OpenSSL
commit
e1cc0671ac5.
ok inoguchi@ tb@
jsing [Thu, 9 Dec 2021 16:31:33 +0000 (16:31 +0000)]
Fix missing return in asn1_compare_bytes()
jsing [Thu, 9 Dec 2021 16:30:57 +0000 (16:30 +0000)]
Add initial tests for coverage of ASN.1 complex/constructed types.
jsing [Thu, 9 Dec 2021 16:30:05 +0000 (16:30 +0000)]
Add initial tests for coverage of ASN.1 basic/primitive types.
florian [Thu, 9 Dec 2021 16:20:12 +0000 (16:20 +0000)]
Rework in which state to add and not add the server-ip and
requested-ip option as well as setting ciaddr.
This started with joel@ pointing out that their CPE is ignoring
RENEWING and REBINDING requests when ciaddr was not set.
RFC 2131 4.3.6, Table 4 has a good overview, we got a bunch of it
wrong.
Previously the logic for this was all over the place which made it
difficult to reason about, it is now contained in the engine process
in request_dhcp_request() and request_dhcp_discover().
Problem pointed out by, lots of testing and review as well as OK joel@
Additional testing and 50% review benno@
schwarze [Thu, 9 Dec 2021 15:28:58 +0000 (15:28 +0000)]
Fix an issue that might possibly turn into a DOS depending on
how application software uses the API function BIO_indent(3):
If the caller asks for some output, but not more than some negative
number of bytes, give them zero bytes of output rather than drowning
them in nearly INT_MAX bytes.
OK tb@
schwarze [Thu, 9 Dec 2021 15:11:48 +0000 (15:11 +0000)]
Add a section "NAMING CONVENTIONS".
There is no need to explain well-known acronyms that are widely
used outside OpenSSL, too (like AES, ASN.1, CMS, ECDSA, PKCS...),
but OpenSSL uses plenty of idiosyncratic naming elements that
deserve to be explained (like d2i, ex, get0, ndef, sk, ...).
Requested by jsing@; feedback and OK tb@.
tobhe [Thu, 9 Dec 2021 13:49:45 +0000 (13:49 +0000)]
Properly enable NAT-T without udpencap if mobike was negotiated without NAT.
Fixes a bug where iked sent zero-prefixed NAT-T messages on port 500 causing
parsing errors.
ok markus@ patrick@