kn [Wed, 23 Nov 2022 19:35:42 +0000 (19:35 +0000)]
Remove unused NDPRF_* defines; dead since 2017 sys/netinet6/nd6.c r1.210
Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.
Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.
OK mvs claudio bluhm
kn [Wed, 23 Nov 2022 19:35:18 +0000 (19:35 +0000)]
Remove unused struct in6_ndifreq; dead since 2013 sys/netinet6/in6_var.h r1.37
Remove unused code manipulating a default interface and its index
This is a leftover from the on-link assumption behavior removal,
which has been deprecated by RFC4861 anyway.
Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.
OK mvs claudio bluhm
kn [Wed, 23 Nov 2022 19:34:59 +0000 (19:34 +0000)]
Remove unused struct prf_ra; dead since 2017 sys/netinet/icmp6.h r1.45
Get rid of ICMPV6CTL_ND6_DRLIST and ICMPV6CTL_ND6_PRLIST sysctls
With this we can also get rid of in6_prefix and in6_defrouter. They
are meaningless, the kernel no longer tracks this information.
Outside of _KERNEL, but nothing in base uses it, either.
codesearch.debian.net seems to agree.
OK mvs claudio bluhm
schwarze [Wed, 23 Nov 2022 17:20:23 +0000 (17:20 +0000)]
Several improvements required for <openssl/bn.h>:
* List internal constants and types that are intentionally undocumented.
* List unused constants and types that are intentionally undocumented.
* Cope with intentionally undocumented identifiers being declared
more than once (in this case, because of #if and #else).
* Require exact matches for man -k searches (in this case,
such that BN_BITS does not match BN_BITS2).
* Handle the weird BN_ULONG, which is #define'd instead of using typedef.
kn [Wed, 23 Nov 2022 16:59:10 +0000 (16:59 +0000)]
Inline useless ND_IFINFO() macro
A single cast-free struct pointer dereference needs no indirection.
ND_IFINFO() is under _KERNEL.
OK mvs
kn [Wed, 23 Nov 2022 16:57:37 +0000 (16:57 +0000)]
Let nd6_if{at,de}tach() be void and take an ifp argument
Do it like the rest of at/detach routines which modify a struct ifnet
pointer without returning anything.
OK mvs
tb [Wed, 23 Nov 2022 15:52:43 +0000 (15:52 +0000)]
Make a stupid compiler on a stupid OS happy.
from bcook
mvs [Wed, 23 Nov 2022 15:12:27 +0000 (15:12 +0000)]
Make `so' dereference safe within pflow_output_process().
sosend() has sleep points, so the kernel lock serialisation within
pflow_output_process() doesn't work as expected. The pflow(4) interface
associated socket `so' could be overwritten by concurrent pflowioctl()
thread.
Introduce pflow(4) interface's `sc_lock' rwlock(9) to make `so'
dereference safe. Since the solock() of udp(4) sockets uses netlock as
backend, the `sc_lock' should be taken first. This expands a little
netlock relocking within pflowioctl().
pflow_sendout_mbuf() called by pflow_output_process(), now called
without kernel lock held, so the mp safe counters_pkt(9) used instead
of manual `if_opackets' increment.
Since if_detach() does partial ifnet destruction, now it can't be called
before we finish pflow_output_process() task, otherwise we introduce use
after free for interface counters. In other hand, we need to deny
pflowioctl() to reschedule pflow_output_process() task. The `sc_dyind'
flag introduced for that.
Tested by Hrvoje Popovski.
ok bluhm@
kn [Wed, 23 Nov 2022 14:50:59 +0000 (14:50 +0000)]
Remove unused struct ifnet's *if_afdata[] and struct domain's dom_if{at,de}tach()
Both made obsolete through struct ifnet's previous *if_nd addition.
IPv6 Neighbour Discovery handles per-interface data directly, nothing
else uses this generic domain API anymore.
Outside of _KERNEL, but nothing in base uses them, either.
OK bluhm mvs claudio
kn [Wed, 23 Nov 2022 14:48:27 +0000 (14:48 +0000)]
Add *if_nd to struct ifnet, call nd6_if{at,de}tach() directly
*if_afdata[] and struct domain's dom_if{at,de}tach() are only used with
IPv6 Neighbour Discovery in6_dom{at,de}tach(), which allocate/init and
free single struct nd_ifinfo.
Set up a new ND-specific *if_nd member directly to avoid yet another
layer of indirection and thus make the generic domain API obsolete.
The per-interface data is only accessed in nd6.c and nd6_nbr.c through
the ND_IFINFO() macro; it is allocated and freed exactly once during
interface at/detach, so document it as [I]mmutable.
OK bluhm mvs claudio
kn [Wed, 23 Nov 2022 14:22:17 +0000 (14:22 +0000)]
iked(8) is proposing as well
Since sbin/iked/vroute.c r1.13 (sep 2021):
Add client side support for DNS configuration. Use RTM_PROPOSAL_STATIC
route messages to propose the name server to resolvd(8).
mbuhl [Wed, 23 Nov 2022 11:00:27 +0000 (11:00 +0000)]
cache ps_auxinfo inside the kernel, to avoid codedump() reading the
copy on userland stack which points at an illicit region.
ok kettenis, deraadt
tb [Wed, 23 Nov 2022 08:58:34 +0000 (08:58 +0000)]
bn_unit: appease coverity
Apparently, the '0' in memset(a, '0', size - 1); could be a typo for '\0'.
Randomize the decimal digit to make the intent clear.
CID 377009
tb [Wed, 23 Nov 2022 08:51:05 +0000 (08:51 +0000)]
asn1_string_to_utf8 test: appease coverity
Check for ASN_STRING_to_UTF8() failure before checking it matches our
expectations. This should convey clearly that test->want_len is never
negative.
CID 377011
Diagnosed by jsing
kn [Wed, 23 Nov 2022 08:05:49 +0000 (08:05 +0000)]
ND_IFINFO() cannot be NULL, use inline read-only idiom for clarity
ND_IFINFO() always points at a valid struct nd_ifinfo; ND6_LLINFO_DELAY
checks for NULL, while other cases in nd6_llinfo_timer() dereference it
unconditionally.
Inline all three per-case read-only usages rather than having one hoisted
*ndi pointer which could be used to write.
nd6_nbr.c already uses this `ND_IFINFO(ifp)->retrans' idiom which makes it
immediately clear that data is only read.
OK bluhm
tb [Wed, 23 Nov 2022 08:01:05 +0000 (08:01 +0000)]
Neuter getrlimit dance, it's not portable enough. Stupid Windows.
kn [Wed, 23 Nov 2022 07:57:39 +0000 (07:57 +0000)]
Recommit previous "Remove useless struct in6_ifextra"
This was the right diff after all, I just confused myself between trees.
OK bluhm
---
Remove useless struct in6_ifextra
in6_var.h r1.75 removed all other struct members.
Now It only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.
ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].
One allocation and unhelpful indirection less per interface.
All under _KERNEL.
OK claudio
tb [Wed, 23 Nov 2022 07:37:06 +0000 (07:37 +0000)]
Fix leaks in ecx_set_{priv,pub}_key()
When ecx_key_set_{priv,pub}() fails, ecx_key is leaked.
CID 377014
From jsing
tb [Wed, 23 Nov 2022 07:31:12 +0000 (07:31 +0000)]
Reverse arguments in CBS_dup()
We want to copy the tls_content_cbs() into the cbs, not the other way around
CID 377013
ok jsing
tb [Wed, 23 Nov 2022 07:25:01 +0000 (07:25 +0000)]
Fix inconsequential copy-paste error
CID 377010
deraadt [Wed, 23 Nov 2022 05:18:27 +0000 (05:18 +0000)]
sync
jsing [Wed, 23 Nov 2022 03:10:10 +0000 (03:10 +0000)]
Use bn_wexpand() rather than bn_expand() with sizeof(BN_ULONG).
This also fixes a bug in BN_MONT_CTX_set(), where the sizeof(BN_ULONG) in
the call to bn_expand() was not multiplied by eight (to get bits).
ok tb@
jsing [Wed, 23 Nov 2022 03:04:52 +0000 (03:04 +0000)]
Ensure that bn_expand()/bn_wexpand() fail on negative sizes.
ok tb@
jsing [Wed, 23 Nov 2022 03:00:12 +0000 (03:00 +0000)]
Turn bn_wexpand() into a function.
Any sensible compiler will likely inline this anyway (and even if it does
not, one extra function call/return is the least of the performance
overhead for this code).
ok tb@
jsing [Wed, 23 Nov 2022 02:46:09 +0000 (02:46 +0000)]
Move bn_expand() under bn_expand2().
No functional change.
ok tb@
jsing [Wed, 23 Nov 2022 02:44:01 +0000 (02:44 +0000)]
Remove unused bn_dup_expand().
ok tb@
jsing [Wed, 23 Nov 2022 02:20:27 +0000 (02:20 +0000)]
Move #ifndef OPENSSL_NO_DEPRECATED.
The BN_set_params()/BN_get_params() and associated unused variables are
meant to be in this block, not things like BN_new() and BN_free().
ok tb@
jsing [Wed, 23 Nov 2022 02:13:24 +0000 (02:13 +0000)]
Remove bn_* defines/prototypes.
These now come directly via bn_lcl.h.
ok tb@
sashan [Tue, 22 Nov 2022 22:28:40 +0000 (22:28 +0000)]
Interface tables (a.k.a. kif) in pf(4) are currently protected
by NET_LOCK() only. This change makes them protected by PF_LOCK().
Having this change in tree will allow us to remove NET_LOCK()
protection from ioctl(2) code path in pf(4).
OK dlg@, kn@
tb [Tue, 22 Nov 2022 21:54:01 +0000 (21:54 +0000)]
Fix some whitespace and comment formatting
tb [Tue, 22 Nov 2022 21:23:16 +0000 (21:23 +0000)]
Rename last OPENSSL_gmtime() to asn1_time_time_t_to_tm()
This rename was done before commit, but one instance was missed since it
was hidden behind #ifdef SMALL_TIME_T.
Spotted by Android CI.
tb [Tue, 22 Nov 2022 20:43:43 +0000 (20:43 +0000)]
Remove incorrect "r must not be a" comment
This was fixed by Eric A. Young in "a C2Net version of SSLeay" and
committed to OpenSSL by Mark J. Cox in January 1999 (OpenSSL
a0a54079).
tb [Tue, 22 Nov 2022 20:04:51 +0000 (20:04 +0000)]
Plug leaks spotted by ASAN CI
kn [Tue, 22 Nov 2022 19:28:29 +0000 (19:28 +0000)]
Backout "Remove useless struct in6_ifextra" commit
I committed the wrong iteration of this diff, sorry for the noise.
schwarze [Tue, 22 Nov 2022 19:02:07 +0000 (19:02 +0000)]
mention what BN_ULONG is
schwarze [Tue, 22 Nov 2022 19:00:15 +0000 (19:00 +0000)]
Remove the lie that BN_ULONG might be 16 bits wide.
We don't install this page, but it might possibly still help developers
working on internals of the BN library, so i'm not in a hurry to cvs rm
this file.
schwarze [Tue, 22 Nov 2022 18:55:04 +0000 (18:55 +0000)]
Better document BN_ULONG (in the DESCRIPTION near BN_num_bits_word(3))
and BN_BITS2 (below RETURN VALUES).
While here, perform major reordering and rewriting
for precision and readability, in particular:
- Avoid misleading wordings like "size of a BIGNUM".
- Drop the trivial example.
- Move the pointers to RSA_size(3) and friends to CAVEATS.
- Stop recommending 8*BN_num_bytes() in this context because it is wrong, too.
tb [Tue, 22 Nov 2022 17:59:31 +0000 (17:59 +0000)]
Remove comment obsoleted by API change (and r1.3)
tb [Tue, 22 Nov 2022 17:58:15 +0000 (17:58 +0000)]
ed25519 test: make the testvectors table const
kn [Tue, 22 Nov 2022 15:49:06 +0000 (15:49 +0000)]
Use local variable consistently
All prior lines in this function already use it, do so on the last one.
OK claudio
kn [Tue, 22 Nov 2022 14:51:01 +0000 (14:51 +0000)]
Remove useless struct in6_ifextra
in6_var.h r1.75 removed all other struct members.
Now It only contains a single struct nd_ifinfo pointer, so address family
specific data might as well be just that.
ND_IFINFO() is the only way nd6_nbr.c and nd6.c access this data, there is
no other usage of if_afdata[].
One allocation and unhelpful indirection less per interface.
All under _KERNEL.
OK claudio
kn [Tue, 22 Nov 2022 14:37:58 +0000 (14:37 +0000)]
Add missing parantheses around if block
Stated during review but missed in the previous commit.
anton [Tue, 22 Nov 2022 10:40:33 +0000 (10:40 +0000)]
simplify makefile
anton [Tue, 22 Nov 2022 10:40:10 +0000 (10:40 +0000)]
Be more helpful and provide details on what the time conversion tests
need in order to run.
Also, output the expected SKIPPED string as dictated by bsd.regress.mk.
tobhe [Tue, 22 Nov 2022 09:53:46 +0000 (09:53 +0000)]
Copy apple-boot firmware to EFI system partition. This enables automatic
bootloader updates on Apple Silicon computers. We rely on fw_update(8)
to place apple-boot.bin in /etc/firmware. installboot(8) will pick it
up from there and copy it to $ESP/m1n1/boot.bin, if this directory
exists. The m1n1 directory and original boot.bin are created by the
Asahi Linux installer as part of the initial UEFI environment.
The firmware package was manually tested by many.
Regress, installation and upgrade with and without apple-boot.bin tested by me.
Feedback and ok kettenis@ kn@
tb [Tue, 22 Nov 2022 09:09:43 +0000 (09:09 +0000)]
Tweak a printf.
tb [Tue, 22 Nov 2022 08:56:33 +0000 (08:56 +0000)]
Add a unit test that crashes without bn_print.c r1.34.
tb [Tue, 22 Nov 2022 08:46:27 +0000 (08:46 +0000)]
Fix segfaults in BN_dec2bn() and BN_hex2bn()
bn_print.c r1.29 added length checks to avoid overflowing the BIGNUM.
If these checks are hit in length-only mode, i.e., bn is NULL, the
error path dereferences bn. Change goto err to an early return to
avoid this.
ok jsing
jmatthew [Tue, 22 Nov 2022 06:48:32 +0000 (06:48 +0000)]
Allocate additional command queue slots and use command completion events
to run commands where we can sleep while waiting. Rather than actually
using it as a queue, just allocate the slots to particular uses.
The first slot is used for polled commands (anything run while cold),
then there's one for general ioctls, one for kstat reads, and one for
link operations. Since we can sleep while waiting now, we need to serialize
access to the command slots. This is done with rwlocks for the ioctl and
kstat slots, and link slot is only used from a single instance task.
This also means we don't need to hold the kernel lock while doing kstat
reads.
Using interrupt based command completion drops the time taken to read all
the kstats off mcx interfaces from tens of milliseconds to almost nothing,
which is a pretty big win when you're reading them every few seconds on
busy firewalls.
ok dlg@
deraadt [Tue, 22 Nov 2022 04:04:17 +0000 (04:04 +0000)]
sync
dlg [Tue, 22 Nov 2022 03:40:53 +0000 (03:40 +0000)]
count how many times ifiqs enqueue and dequeue packets.
network cards try to enqueue a list of packets on an ifiq once per
interrupt and ifiqs already count how many packets they're handling.
this let's us see how well interrupt mitigation is working on a
ring or interface. ifiqs are supposed to provide backpressure
signalling to a driver if it enqueues a lot more work than it's
able to process in softnet, so recording dequeues let's us see this
ratio.
deraadt [Tue, 22 Nov 2022 03:28:32 +0000 (03:28 +0000)]
sync
kn [Mon, 21 Nov 2022 22:50:07 +0000 (22:50 +0000)]
Replace manual loop and duplicate RB_NEXT with RB_FOREACH
The loop begins with saving a pointer to the next interface, does work and
then gets the same next interface again, for nothing.
Switch to the elsewhere consistently used RB_FOREACH helper.
OK sashan
schwarze [Mon, 21 Nov 2022 22:04:04 +0000 (22:04 +0000)]
document BN_nist_mod_521(3) and their four siblings
kettenis [Mon, 21 Nov 2022 22:01:51 +0000 (22:01 +0000)]
aplpwm(4)
kettenis [Mon, 21 Nov 2022 21:48:06 +0000 (21:48 +0000)]
Add aplpwm(4), a driver for the PWM controller found on Apple silicon.
ok tobhe@
kettenis [Mon, 21 Nov 2022 20:19:21 +0000 (20:19 +0000)]
Get rid of pmap_map_early(). This is part of my crusade against the use of
1G mappings for the PA = VA identity mapping used in the early boot phase
of the kernel and when spinning up CPUs. The mappings are dangerous since
they might (unintentially) covering address ranges that should not be
mapped (i.e. secure memory) which is dangerous on arm64 since the
architecture allows speculative access to any address for which a valid
mapping exists and even speculative access may cause the machine to
misbehave.
So instead of relying on the PA = VA identity mapping, call pmap_bootstrap()
earlier such that we can use pmap_kenter_cache() to enter mappings for the
FDT.
ok miod@
kettenis [Mon, 21 Nov 2022 14:39:23 +0000 (14:39 +0000)]
Wait for a reply to the command that switches the touchpad into raw mode.
If we don't do this, the SMC appears to crash on machines with firmware
from macOS 12.6.1. Insert a small delay of 1ms after sending the command
as polling for the reply too soon makes the command fail.
ok tobhe@
sashan [Mon, 21 Nov 2022 07:27:10 +0000 (07:27 +0000)]
Fix DIOCIGETIFACES ioctl so all network interfaces
and interface groups are reported. The bug allowed
to enumerate the first 64 interfaces only.
The issue has been noticed and bug kindly reported
by Olivier Croquin.
OK kn@
dlg [Sun, 20 Nov 2022 23:47:51 +0000 (23:47 +0000)]
port the kstat code from re(4) to rge(4)
this bit of the hardware works the same, so it's straightforward work.
ok jmatthew@
schwarze [Sun, 20 Nov 2022 23:35:00 +0000 (23:35 +0000)]
Fix a surprising quirk in BN_GF2m_mod(3).
All other wrappers in the same file that use a temporary array of
degrees size that array dynamically, such that they are able to
handle reducing polynomials of arbitrary lengths. BN_GF2m_mod(3)
was the only one that used a static array of size 6 instead, limiting
it to trinomials and pentanomials and causing it to fail for longer
reducing polynomials.
Make this more uniform and less surprising by using exactly the
same code as in all the other wrappers, such that BN_GF2m_mod(3)
works with reducing polynomials of arbitrary length, too, just like
the others.
Again, tb@ points out this quirk is very unlikely to cause
vulnerabilities in practice because cryptographic applications do
not use longer reducing polynomials.
This patch is not expected to significantly impact performance
because the relevant caller, BN_GF2m_mod_div(3), already uses dynamic
allocation via BN_GF2m_mod_mul(3).
OK tb@
schwarze [Sun, 20 Nov 2022 22:23:43 +0000 (22:23 +0000)]
Fix an off-by-one bug in BN_GF2m_poly2arr(3).
If the last argument, the size of the output array, is too small to
contain all degrees present in the input polynomial plus one for the
terminating -1, the function is documented to return the size of the
output array that would be needed (in comments in the source code, in
the new manual page, and by the way how the function is used by other
functions in the same file). However, in case of overflow, the existing
code failed to include the element needed for the terminating -1 in the
return value, wrongly indicating success if everything but the -1 did
fit and reporting failure with a size that was still too small otherwise.
According to tb@, this is very unlikely to cause vulnerabilities in
practical applications because there is no real reason to pick a
reducing polynomial longer than a pentanomial, because all known
callers use either fixed size arrays of size 6 or dynamic allocation,
because use of GF(2^m) is rare in practice, and GF(2^m) with custom
reducing polynomials even more so.
OK tb@
kn [Sun, 20 Nov 2022 16:45:10 +0000 (16:45 +0000)]
Sync struct pfi_kif with reality
pfik_srcnodes and pfik_flagrefs members were added in sys/net/pfvar.h
r1.492 (jul 2019) and r1.505 (dec 2021), respectively.
deraadt [Sat, 19 Nov 2022 23:09:49 +0000 (23:09 +0000)]
correct alignment; from brad
kn [Sat, 19 Nov 2022 19:23:37 +0000 (19:23 +0000)]
fix vertical spacing in previous
cheloha [Sat, 19 Nov 2022 16:23:48 +0000 (16:23 +0000)]
mips64, loongson, octeon: switch to clockintr
- Remove mips64-specific clock interrupt scheduling bits from cpu_info.
- Add missing tick_nsec initialization to cpu_initclocks().
- Disable the glxclk interrupt clock on loongson. visa@/miod@ say it
can be removed later if it isn't useful for anything else.
- Wire up cp0_intrclock.
Notes:
- The loongson apm_suspend() changes are untested, but deraadt@ claims
APM suspend/resume on loongson doesn't work anyway.
- loongson and octeon now have a randomized statclock(), stathz = hz.
With input from miod@, visa@. Tested by miod@, visa@.
Link: https://marc.info/?l=openbsd-tech&m=166776379603497&w=2
ok visa@ mlarkin@
cheloha [Sat, 19 Nov 2022 16:02:37 +0000 (16:02 +0000)]
riscv64: switch to clockintr
- Remove riscv64-specific clock interrupt scheduling bits from
cpu_info.
- Remove riscv64-specific randomized statclock() bits from
riscv64/clock.c.
- Remove the 'stat_count' evcount. All clock interrupts are
now counted via the 'clock_count' evcount.
- Wire up timer_intrclock.
With input from jca@, kettenis@. Tested by jca@.
Link: https://marc.info/?l=openbsd-tech&m=166776413003655&w=2
ok kettenis@ jca@ mlarkin@
mvs [Sat, 19 Nov 2022 15:12:38 +0000 (15:12 +0000)]
Decrease netlock pressure in pppx(4).
Push netlock down to pppx_add_session(). The 'pppx_if' structure has
the `pxi_ready' member to prevent access to incomplete `pxi', so we
don't need to hold netlock during all initialisation process. This
removes potential PR_WAITOK/M_WAITOK allocations impact on packet
processing. Also this removes relock dances around if_attach() and
if_detach() calls.
Do not grab netlock for FIONREAD. mbuf(9) queue doesn't rely on it.
Do not grab netlock around pipex_ioctl() call. pipex(4) has its own
protection and doesn't rely on netlock. We need to unlink pipex(4)
session before destroy associated `pxi', it can't be killed
concurrently. Also this stops to block packet processing when npppd(8)
periodically does PIPEXGCLOSED ioctl(2) commands.
The dummy FIONBIO case doesn't require any lock to be held.
The netlock remains to be taken around pppx_del_session() and
pppx_set_session_descr() because pppx(4) data structures rely on it.
Tested by Hrvoje Popovski.
ok yasuoka@
kn [Sat, 19 Nov 2022 14:26:39 +0000 (14:26 +0000)]
Push kernel lock into pru_control() aka. in6_control() / in_control()
so->so_state is already read without kernel lock inside soo_ioctl()
which calls pru_control() aka in6_control() and in_control().
OK mvs
kn [Sat, 19 Nov 2022 14:01:51 +0000 (14:01 +0000)]
Prettify expired rules printing
"pfctl -s rules" omits expired rules but print newlines for them.
"pfctl -s rules -v" omits expired rules but print their stats.
Add the existing skip check to those two missing print logic places such
that expired rules won't cause any output at all, as expected, unless
debug ("-g") or more verbose ("-vv") mode are given, as documented.
OK sashan
tb [Sat, 19 Nov 2022 12:25:23 +0000 (12:25 +0000)]
Fix comment describing BN_mod_sqrt()
It was placed and formatted weirdly. Fix the title of the book referenced
and complete the reference's information.
tb [Sat, 19 Nov 2022 11:53:38 +0000 (11:53 +0000)]
Rework pkey_dsa_sign() and pkey_dsa_verify()
Since DSA_sign() and DSA_verify() ignore their type argument, don't bother
to determine it here. Check all size_t for overflow before passing them as
int arguments. Follow OpenSSL and add a check to see if the tbs blob's
length matches the one of the md, in case it is set on the EVP_PKEY_CTX.
Fix return value check of DSA_sign().
ok jsing
tb [Sat, 19 Nov 2022 11:48:24 +0000 (11:48 +0000)]
Rework DSA_sign() and DSA_verify()
Change DSA_sign() to single exit and check the signed i2d_DSA_SIG() return
value before assigning it to an unsigned int.
In DSA_verify() let d2i_DSA_SIG() handle the allocation, split error check
of i2d_DSA_SIG() from signature check and change an unnecessary freezero()
to free.
ok jsing
sthen [Sat, 19 Nov 2022 08:02:11 +0000 (08:02 +0000)]
Add O: to the getopt string for newfs in mount_mfs mode, allowing it to
optionally use FFS2 (stu@ ran into a problem when running some tests on
an MFS filesystem that involved future dates).
Correct the manual which said that FFS2 is the default, which isn't the
case for mount_mfs.
lgtm miod@
tb [Sat, 19 Nov 2022 07:29:29 +0000 (07:29 +0000)]
Fix an annoying quirk in the EC code
Dealing with elliptic curves makes some people think that it would be kind
of neat to multiply types with variable names. Sometimes. Only in function
definitions.
tb [Sat, 19 Nov 2022 07:00:57 +0000 (07:00 +0000)]
whitespace
tb [Sat, 19 Nov 2022 06:33:00 +0000 (06:33 +0000)]
Fix whitespace
tb [Sat, 19 Nov 2022 04:36:52 +0000 (04:36 +0000)]
Unindent and check some pointers explicitly against NULL
tb [Sat, 19 Nov 2022 04:32:49 +0000 (04:32 +0000)]
Remove HMAC PRIVATE KEY support
This is an undocumented feature of openssl genpkey for testing purposes.
Emilia removed support for this 'bogus private key format' from OpenSSL
in 2017 in commit
c26f655fdd18ac19016c1c0496105f5256a1e84d.
ok jsing
tb [Fri, 18 Nov 2022 20:03:36 +0000 (20:03 +0000)]
Check os for NULL before dereferencing it
Avoids a segfault when both priv == NULL and os == NULL.
ok miod
mbuhl [Fri, 18 Nov 2022 19:47:40 +0000 (19:47 +0000)]
In channel_request_remote_forwarding the parameters for permission_set_add
are leaked as they are also duplicated in the call.
Found by CodeChecker.
ok djm
florian [Fri, 18 Nov 2022 19:07:54 +0000 (19:07 +0000)]
Add four new SI prefixes.
This is resolution 3 "Sur l’extension de la liste des préfixes du SI",
passed by the 27th meeting of the Conférence générale des poids et
mesures.
OK deraadt, daniel, sthen
mbuhl [Fri, 18 Nov 2022 18:56:39 +0000 (18:56 +0000)]
Revert my last two changes.
If csa_bundled is set, exactly two csas exist and they point to
each other. Therefore childsa_free already sets the bundled csa
pointer to NULL and it shouldn't be done after calling childsa_free.
ok tobhe@
tb [Fri, 18 Nov 2022 18:32:14 +0000 (18:32 +0000)]
zap a stray semicolon
kn [Fri, 18 Nov 2022 18:11:10 +0000 (18:11 +0000)]
Improve "once" bits
- use imperative tense in the pf.conf(5) "once" part
- leave printing implementation details to pfctl(8)'s "-s rules" part
- use more markup
- debug mode also prints expired rules
OK jmc sashan
tb [Fri, 18 Nov 2022 15:10:51 +0000 (15:10 +0000)]
Include bytestring.h directly rather than pulling it in via asn1_locl.h
tb [Fri, 18 Nov 2022 15:01:04 +0000 (15:01 +0000)]
Wire up HMAC to raw private key methods
Obviously, the brilliant API design kitchen decided that an interface
carrying public and private key in its name (so that every sane person
thinks of asymmetric cryptography), is also perfectly suitable for MACs.
Wire up HMAC since Ruby's OpenSSL gem uses these bindings if the build
system detects that EVP_PKEY_new_raw_public_key() is available in evp.h.
While there, also add the missing pub_cmp() ameth, which obviously
treats two things as equal by returning 1.
Reported by jeremy and anton, fixes regress/lib/libssl/openssl-ruby tests
ok jsing
millert [Fri, 18 Nov 2022 14:52:03 +0000 (14:52 +0000)]
Write number of bytes read/written and "?" prompt to stdout, not stderr.
This matches both historical behavior and the POSIX specification.
From Soeren Tempel.
tb [Fri, 18 Nov 2022 14:45:10 +0000 (14:45 +0000)]
Change the pkey.ptr from char * to void *
Now that EVP_PKEY is opaque, there is no reason to keep the ptr member
of the pkey union as a weird char pointer, a void pointer will do. This
avoids a few stupid casts and simplifies an upcoming diff.
ok jsing
tb [Fri, 18 Nov 2022 14:38:34 +0000 (14:38 +0000)]
Move skiplist to main and merge with shortlist.
With/ok job
jmc [Fri, 18 Nov 2022 11:07:10 +0000 (11:07 +0000)]
zap errant space in usage();
claudio [Fri, 18 Nov 2022 10:26:04 +0000 (10:26 +0000)]
Add aspa-set config test.
claudio [Fri, 18 Nov 2022 10:17:23 +0000 (10:17 +0000)]
Add plumbing for ASPA support. This implements the parser and part of the
logic in the rtr process. It does not implement the new RTR messages yet
but it is possible to specify an aspa-set in the config. Also the validation
code in the RDE is missing so this does not do anything.
With this in it will be possible to extend rpki-client to publish an
aspa-set as part of the openbgpd config file.
OK tb@
tb [Fri, 18 Nov 2022 07:28:34 +0000 (07:28 +0000)]
group -> field
discussed with schwarze
tb [Fri, 18 Nov 2022 07:27:31 +0000 (07:27 +0000)]
polynominal -> polynomial
ok schwarze
anton [Fri, 18 Nov 2022 06:43:39 +0000 (06:43 +0000)]
cope with new getaddrinfo() error message
deraadt [Fri, 18 Nov 2022 05:58:56 +0000 (05:58 +0000)]
sync
deraadt [Fri, 18 Nov 2022 03:47:21 +0000 (03:47 +0000)]
mips64 code calls uvm_map_protect() directly, so needs to adapt:
stack growth from setrlimit was never updated to set UVM_ET_STACK on
the entries, so the check-sp-at-system-call check failed. Quite strange
it took this long to find this.
ok kettenis
schwarze [Fri, 18 Nov 2022 01:21:40 +0000 (01:21 +0000)]
new manual page BN_GF2m_add(3)
concerning arithmetic in Galois fields of power-of-2 order
deraadt [Thu, 17 Nov 2022 23:26:07 +0000 (23:26 +0000)]
With regret, place mutexes after struct vm_map fields which are inspected
by libkvm and procmap(8). struct mutex can change based upon kernel
compile options, and the fields were dancing around
ok kettenis