tb [Mon, 15 Aug 2022 10:48:45 +0000 (10:48 +0000)]
Initialize readbytes in BIO_gets()
If the bgets() callback returns <= 0, we currently rely on the user
provided callback to set readbytes, which isn't ideal. This also
matches what's done in BIO_read() and BIO_write().
ok jsing
tb [Mon, 15 Aug 2022 10:46:53 +0000 (10:46 +0000)]
Avoid shadowing the cbs function parameter in tlsext_alpn_server_parse()
ok jsing
tb [Mon, 15 Aug 2022 10:45:25 +0000 (10:45 +0000)]
Remove redeclaration of ret
When ret was introduced in an outer scope in r1.113, this declaration
wasn't garbage collected.
ok jsing
claudio [Mon, 15 Aug 2022 10:29:03 +0000 (10:29 +0000)]
For FCGI_END_REQUEST reset the clt struct similar to what is done in the
file and other cases. Especially when the session uses keep-alive it is
important to set TOREAD_HTTP_HEADER so that the state machine knows what's
next.
OK op@
schwarze [Mon, 15 Aug 2022 10:21:01 +0000 (10:21 +0000)]
In GNU, Heirloom, and Plan 9 roff, literal tab characters are
non-breakable in exactly the same way as "\ ". That is, the preceding
word, the tab character, and the following word are always kept
together on the same output line. If filling is enabled and an
output line break is required before the end of the following word,
the break occurs before the beginning of the preceding word.
Make mandoc behave in the same way.
Of course, using literal tab characters in filled text remains a
bad idea, and the "WARNING: tab in filled text" remains unchanged.
op [Mon, 15 Aug 2022 09:40:14 +0000 (09:40 +0000)]
plug some memory leaks in server_file_index when failures occur
namelist and its entries are not freed if escape_html fails or if we
fail in the inner loop. Move scandir later so it's closer to the for
loop and handle escape_html and url_encode failures.
With lots of help from tb, thanks!
ok tb@
op [Mon, 15 Aug 2022 09:36:19 +0000 (09:36 +0000)]
plug a fd leak in read_errdoc if fstat fails or if the file is empty
tweak/ok tb@
mvs [Mon, 15 Aug 2022 09:11:38 +0000 (09:11 +0000)]
Introduce 'pr_usrreqs' structure and move existing user-protocol
handlers into it. We want to split existing (*pr_usrreq)() to multiple
short handlers for each PRU_ request as it was already done for
PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)()
split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
mvs [Mon, 15 Aug 2022 09:10:36 +0000 (09:10 +0000)]
Stop doing lockless `t_flags' check within task_add(9) and task_del(9).
This doesn't work on MP systems. We do locked `t_flags' check just after
lockless check, so just remove it.
ok dlg@
nicm [Mon, 15 Aug 2022 09:10:34 +0000 (09:10 +0000)]
Notify when a paste buffer is deleted, GitHub issue 3302 from George
Nachman.
claudio [Mon, 15 Aug 2022 09:06:54 +0000 (09:06 +0000)]
Use TCP_INFO instead of kvm magic to extract information about the tcp streams.
Variable names listed by -l change and there is no more need to change
kern.allowkmem. To get all possible values tcpbench still needs to be run
as root.
OK bluhm@ djm@
nicm [Mon, 15 Aug 2022 08:54:03 +0000 (08:54 +0000)]
Add a Nobr terminfo capability to tell tmux the terminal does not use
bright colours for bold (makes a difference to how tmux applies palette
differences). From Damien Tardy-Panis in GitHub issue 3301.
nicm [Mon, 15 Aug 2022 08:41:13 +0000 (08:41 +0000)]
Add some const, from Markus F X J Oberhumer.
nicm [Mon, 15 Aug 2022 08:37:03 +0000 (08:37 +0000)]
Don't stop at first match when updating environment.
daniel [Mon, 15 Aug 2022 04:17:50 +0000 (04:17 +0000)]
drop detection code for 386sx/386dx CPUs
OpenBSD/i386 doesn't actually support running on 386sx or 386dx CPUs
so we don't need to test whether we're running on one of these CPUs
anymore.
The 486 (which was launched in 1989) added a few new features over
the 386:
- an alignment check flag in EFLAGS
- 3 new userland instructions: bswap / cmpxchg / xadd
- 3 new kernel mode instructions: invd / wbinvd / invlpg
- new bits in CR0 (386 CPUs did not support ring0 write protection)
- new bits in CR3
In this diff, we remove the code that checks for the alignment check
flag as we've only supported Pentium (or newer) CPUs for some time.
The rest of the diff is about updating comments related to pre-486
CPUs. 2 files under arch/amd64 are updated to keep them in sync
with the arch/i386 updates.
ok mlarkin@, jsg@; tweak from miod@
jsg [Mon, 15 Aug 2022 03:21:04 +0000 (03:21 +0000)]
remove unused uvm_aiobuf_pool
jsg [Mon, 15 Aug 2022 03:12:12 +0000 (03:12 +0000)]
remove unused uvm_map_sel_limits()
ok miod@ millert@
jsg [Mon, 15 Aug 2022 02:07:11 +0000 (02:07 +0000)]
remove tulip_mbuf_compress() unused since if_de.c 1.127
ok miod@
jsg [Mon, 15 Aug 2022 01:59:00 +0000 (01:59 +0000)]
remove unused smc91cxx_activate()
ok miod@
jsg [Mon, 15 Aug 2022 01:47:09 +0000 (01:47 +0000)]
remove msdosfs findwin95()
unused since msdosfs_vfsops.c 1.95
ok miod@ millert@
jsg [Mon, 15 Aug 2022 01:35:07 +0000 (01:35 +0000)]
remove unused uvideo_enable()/uvideo_disable()
ok mglocker@ miod@
jca [Sun, 14 Aug 2022 21:10:08 +0000 (21:10 +0000)]
Unbreak, don't assume we always hold the NET_LOCK
After net/if.c:rev 1.661 ifioctl() doesn't take the net lock any more
around SIOCGIFMEDIA and SIOCSIFMEDIA, which broke cad_ioctl().
The same was already true about SIOCGIFSFFPAGE. Only release/reacquire
the net lock if warranted.
Input mvs@, ok miod@ mvs@ bluhm@
millert [Sun, 14 Aug 2022 15:01:18 +0000 (15:01 +0000)]
Use size_t for the length parameters, not off_t.
Now that zlib uses unsigned long for its totals there is no reason
to use off_t in ctfdump. This is similar to the changes in db_ctf.c.
OK tb@
millert [Sun, 14 Aug 2022 14:57:38 +0000 (14:57 +0000)]
db_ctf_decompress: use size_t not off_t for length parameter
The only caller of db_ctf_decompress() passes a size_t for the length.
This eliminates sign comparison warnings without using casts.
OK jca@ tb@
millert [Sun, 14 Aug 2022 14:54:13 +0000 (14:54 +0000)]
Use size_t, not off_t, for length parameters.
This matches how the functions are called and eliminates a few casts.
OK tb@
jsg [Sun, 14 Aug 2022 01:58:27 +0000 (01:58 +0000)]
remove unneeded includes in sys/kern
ok mpi@ miod@
mvs [Sat, 13 Aug 2022 21:01:46 +0000 (21:01 +0000)]
Introduce the pru_*() wrappers for corresponding (*pr_usrreq)() calls.
This is helpful for the following (*pr_usrreq)() split to multiple
handlers. But right now this makes code more readable.
Also add '#ifndef _SYS_SOCKETVAR_H_' to sys/socketvar.h. This prevents the
collisions when both sys/protosw.h and sys/socketvar.h are included
together. Both 'socket' and 'protosw' structures are required to be
defined before pru_*() wrappers, so we need to include sys/socketvar.h to
sys/protosw.h.
ok bluhm@
bluhm [Sat, 13 Aug 2022 19:13:45 +0000 (19:13 +0000)]
Remove needless include pledge.h accidently added in previous commit.
OK claudio@
semarie [Sat, 13 Aug 2022 16:02:15 +0000 (16:02 +0000)]
blist: fix a possible blist corruption with blist_alloc() due to unsigned
swblk_t on OpenBSD.
reorder if condition in blst_meta_alloc(), in order to check if the node is
'Terminator' node first (and leave the loop).
DragonFlyBSD is unaffected by it as swblk_t is signed (and the first condition
isn't taken).
add a regress test for it.
while here, more the KASSERT() to KDASSERT(). it is useful but only with DEBUG.
ok miod@ todd@
kevlo [Sat, 13 Aug 2022 14:16:59 +0000 (14:16 +0000)]
Correct rx data rate for rtl8192eu
ok stsp@, jmatthew@
jmc [Sat, 13 Aug 2022 11:13:17 +0000 (11:13 +0000)]
clarify the boot text;
discussed with and ok stsp
kmos [Sat, 13 Aug 2022 07:14:07 +0000 (07:14 +0000)]
The portgen Python modue has been rotting and doesn't generate a usable
port. Disable it and pull mention of it from the portgen(1) man page.
Don't delete the modules yet, in case someone wants to whip it back into
shape.
ok sthen
jsg [Sat, 13 Aug 2022 06:44:48 +0000 (06:44 +0000)]
avoid uninitialised var when boot_unit has an unexpected value
tested by and ok aoyama@
deraadt [Sat, 13 Aug 2022 04:35:12 +0000 (04:35 +0000)]
sync
stsp [Fri, 12 Aug 2022 20:18:58 +0000 (20:18 +0000)]
Crank amd64 boot loader version numbers for softraid(4) RAID 1C boot support.
stsp [Fri, 12 Aug 2022 20:17:46 +0000 (20:17 +0000)]
add support for booting from RAID 1C softraid(4) volumes on amd64
Only boot-loader changes are needed. Both installboot(8) and
the kernel already do what is required to make this work.
ok kn@
Tested:
biosboot on vmm: kn, stsp
biosboot and efiboot on server hardware: stsp
krw [Fri, 12 Aug 2022 20:05:49 +0000 (20:05 +0000)]
Revert to pre-r1.249 more laissez-faire checks for valid MBR
partitions.
miod@ (re)discovered an off-by-one in some device size
calculations. Whether the ancient misbehaviour of some devices to
confuse number of sectors with highest valid sector address or
something newer.
Should fix miod@'s octeon boot disk.
miod [Fri, 12 Aug 2022 17:19:52 +0000 (17:19 +0000)]
Make sure we don't pass uninitialized siginfo values to trapsignal(); from
clang via jsg@, ok jsg@
bluhm [Fri, 12 Aug 2022 17:04:16 +0000 (17:04 +0000)]
Remove differences between ip_fragment() and ip6_fragment(). They
do nearly the same thing, so they should look similar.
OK sashan@
millert [Fri, 12 Aug 2022 16:50:57 +0000 (16:50 +0000)]
Update to 2022bgtz from https://github.com/JodaOrg/global-tz
Major changes:
o Chile's DST is delayed by a week in September 2022.
o Iran no longer observes DST after 2022.
o Rename Europe/Kiev to Europe/Kyiv.
bluhm [Fri, 12 Aug 2022 16:42:54 +0000 (16:42 +0000)]
Fix non working continue in do while(0) loop.
OK mvs@ jca@
CID
1519492
mvs [Fri, 12 Aug 2022 16:38:50 +0000 (16:38 +0000)]
Remove unused fields from 'pflow_softc' structure.
ok bluhm@
mvs [Fri, 12 Aug 2022 16:38:09 +0000 (16:38 +0000)]
Fix race between pflow_output_process() and pflow_clone_destroy().
Unlink pflow(4) interface from `pflowif_list' before start destruction to
prevent pflow_output_process() being rescheduled. Also wait until running
pflow_output_process() task finished.
Problem reported and fix tested by Hrvoje Popovski.
ok bluhm@
tb [Fri, 12 Aug 2022 16:13:40 +0000 (16:13 +0000)]
Fix upper bound in a for loop (no functional change).
tb [Fri, 12 Aug 2022 16:12:39 +0000 (16:12 +0000)]
Tweak a comment to be more accurate.
bluhm [Fri, 12 Aug 2022 14:49:15 +0000 (14:49 +0000)]
There are some places in ip and ip6 input where operations fail due
to out of memory. Use a generic idropped counter for those.
OK mvs@
visa [Fri, 12 Aug 2022 14:30:52 +0000 (14:30 +0000)]
Put more struct vnode fields under splbio().
Buffer cache related struct vnode fields can be accessed in interrupt
context. Be more consistent with the use of splbio().
OK mpi@
aoyama [Fri, 12 Aug 2022 13:36:19 +0000 (13:36 +0000)]
Fix to work 1bpp Xorg server again on 1bpp framebuffer hardware.
Recent xenocara wsfb driver can treat LUNA's framebuffer "offset", but it
requires one more page by mmap() when we use offset.
Noticed and tested on nono emulator with 1bpp setting.
claudio [Fri, 12 Aug 2022 13:24:30 +0000 (13:24 +0000)]
Implement slowcgi_timeout() to actually kill the backend bgpctl process.
If that succeeds the fcgi session will be terminated the regular way.
If it fails close all fds and finish the request.
Sending a SIGTERM to a read only bgpctl process should be fine at any point.
Also reduce the timeout to 30sec. This is not long enough to dump a full
rib but nobody should do that.
OK tb@
tb [Fri, 12 Aug 2022 13:19:02 +0000 (13:19 +0000)]
No need to make a deep copy of the EE cert
The EE Cert has just been allocated as part of deserializing the cms.
There is no need for an expensive copy, we can just keep a reference.
ok job
bluhm [Fri, 12 Aug 2022 12:08:54 +0000 (12:08 +0000)]
At successful return ip6_check_rh0hdr() keeps *offp unmodified.
The IPv6 routing header type 0 check should modify *offp only in
case of an error, so that the generated icmp6 packet has the correct
pointer.
OK sashan@
landry [Fri, 12 Aug 2022 10:38:37 +0000 (10:38 +0000)]
pkg_add.1: fix typo in pkg stem with flavor example
from Frederic Nowak, thanks !
claudio [Fri, 12 Aug 2022 08:40:25 +0000 (08:40 +0000)]
Use break instead of return so that a HEAD request still consumes all data.
OK op@
jsg [Fri, 12 Aug 2022 08:34:43 +0000 (08:34 +0000)]
use string literal for format string
ok deraadt@ miod@
jsg [Fri, 12 Aug 2022 08:31:06 +0000 (08:31 +0000)]
use string literal for format string
ok miod@
op [Fri, 12 Aug 2022 06:41:41 +0000 (06:41 +0000)]
fix regression introduced in previous commit. HEAD replies don't have a
body so server_fcgi_error shouldn't print the end marker.
OK claudio@
djm [Fri, 12 Aug 2022 05:20:28 +0000 (05:20 +0000)]
sftp-server: support home-directory request
Add support to the sftp-server for the home-directory extension defined
in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the
existing expand-path@openssh.com, but uses a more official protocol name,
and so is a bit more likely to be implemented by non-OpenSSH clients.
From Mike Frysinger, ok dtucker@
cheloha [Fri, 12 Aug 2022 02:20:36 +0000 (02:20 +0000)]
amd64: simplify TSC synchronization testing
Computing a per-CPU TSC skew value is error-prone, especially on
multisocket machines and VMs. My best guess is that larger latencies
appear to the current skew measurement test as TSC desync, and so the
TSC is demoted to a kernel timecounter on these machines or marked
non-monotonic.
This patch eliminates per-CPU TSC skew values. Instead of trying to
measure and correct for TSC desync we only try to detect desync, which
is less error-prone. This approach should allow a wider variety of
machines to use the TSC as a timecounter when running OpenBSD.
In the new sync test, both CPUs repeatedly try to detect whether their
TSC is trailing the other CPU's TSC. The upside to this approach is
that it yields no false positives. The downside to this approach is
that it takes more time than the current skew measurement test. Each
test round takes 1ms, and we run up to two rounds per CPU, so this
patch slows boot down by 2ms per AP.
If any CPU fails the sync test, the TSC is marked non-monotonic and a
different timecounter is activated. The TC_USER flag remains intact.
There is no middle ground where we fall back to only using the TSC in
the kernel.
Before running the test, we check for the IA32_TSC_ADJUST register and
reset it if necessary. This is a trivial way to work around firmware
bugs that desync the TSC before we reach the kernel. Unfortunately,
at the moment this register appears to only be available on Intel
processors. I cannot find an equivalent but differently-named MSR for
AMD processors.
Because there is no per-CPU skew value, there is also no concept of
TSC drift anymore.
Miscellaneous notes:
- This patch adds a new timecounter utility function, tc_reset_quality().
Used after sync test failure to mark the TSC non-monotonic.
- I have left TSC_DEBUG enabled for now. Unsure if we should leave it
enabled for release or not. If we disable it we no longer run the
sync test after failing it once. Running the test even after failure
provides information about the desync on every CPU.
- Taking 1ms per test round is fairly conservative. We can experiment
with and discuss shorter test rounds. My main goal with a relatively
long test round is ensuring VMs actually run the test. It would be
bad if a hypervisor interrupted the test for so long that it concealed
desync.
- The use of two test rounds is mostly a diagnostic tool: it would be
very strange if a CPU passed the first round but failed the second.
If we ever saw this in the wild it would indicate something odd.
- Most of the desync seen in test reports is on Ryzen CPUs. I
believe, but cannot prove, that this is due to a widespread
firmware bug on AMD motherboards. Hopefully AMD and/or the
downstream vendors fix it.
- Fixing TSC desync by writing the TSC directly with WRMSR is very
difficult. The TSC is a moving target incrementing very quickly and
compensating for WRMSR overhead is non-trivial. We can experiment
with this, but my confidence is low that we can make it work reliably.
Prompted by deraadt@ and kettenis@ in 2021. Shepherded along by
deraadt@ throughout. Reprompted by Yuichiro Naito several times.
With input from Yuichiro Naito, naddy@, sthen@, dv@, and deraadt@.
Tested by florian@, gnezdo@, sthen@, Josh Rickmar, dv@, Mohamed Aslan,
Hrvoje Popovski, Yuichiro Naito, semarie@, mlarkin@, asou@, jmatthew@,
Renato Aguiar, and Timo Myyra.
Patch v1: https://marc.info/?l=openbsd-tech&m=
164330092208035&w=2
Patch v2: https://marc.info/?l=openbsd-tech&m=
164558519712957&w=2
Patch v3: https://marc.info/?l=openbsd-tech&m=
165698681018991&w=2
Patch v4: https://marc.info/?l=openbsd-tech&m=
165835507113680&w=2
Patch v5: https://marc.info/?l=openbsd-tech&m=
165923705118770&w=2
"just commit it" deraadt@
krw [Fri, 12 Aug 2022 00:32:59 +0000 (00:32 +0000)]
Coverity says multiplying two uint32_t's and assigning them to
a uint64_t may not produce the (humanly) obvious result.
Cast one of them to a (uint64_t) in the hope of invoking the
appropriate int promotion god.
CID
1519495
cheloha [Fri, 12 Aug 2022 00:24:07 +0000 (00:24 +0000)]
renice(8): don't succeed after 256 errors
Set error instead of incrementing it.
Link: https://marc.info/?l=openbsd-tech&m=166025831731506&w=2
ok millert@
krw [Thu, 11 Aug 2022 20:22:27 +0000 (20:22 +0000)]
Don't trust gpt header data read from disk until after its
validity is checked.
Found the hard way by kn@
Cluebats from millert@ and deraadt@.
Fix tested by and ok kn@
cheloha [Thu, 11 Aug 2022 17:15:21 +0000 (17:15 +0000)]
powerpc64: cpu_initclocks: do tc_init(9) before cpu_startclock()
In the future, the clock interrupt will need a working timecounter to
accurately reschedule itself.
Move tc_init(9) up before cpu_startclock().
kettenis@ notes several other platforms need this same change. Maybe
we can do the rest all at once.
Tested by kettenis@.
Link: https://marc.info/?l=openbsd-tech&m=165343754512382&w=2
ok kettenis@
patrick [Thu, 11 Aug 2022 14:49:42 +0000 (14:49 +0000)]
Don't yet configure smmu(4) on Qualcomm SoCs as used on the Lenovo x13s
as it is still not ready for runtime use and probably needs further quirks.
Discussed with deraadt@
op [Thu, 11 Aug 2022 14:25:22 +0000 (14:25 +0000)]
correctly handle an abnormal fastcgi termination. httpd handles the
disconnection from the fastcgi application via server_file_error which
assumes that the reply was completey done. However, if the fastcgi
reply wasn't complete (e.g. because slowcgi hit the timeout) the HTTP
client are left "hanging" and waiting for a reply until they give up.
This adds a server_fcgi_error callback to handle the "no headers" and
"incomplete data" cases and properly close the reply before falling back
to server_file_error.
OK claudio@
jmc [Thu, 11 Aug 2022 14:04:08 +0000 (14:04 +0000)]
remove useless Pp;
tb [Thu, 11 Aug 2022 10:36:32 +0000 (10:36 +0000)]
Remove unused variable
X509_NAME_print() is documented to print things at a given indentation
level. Unfortunately, this never worked since someone got some logic
wrong. Part of the wrong logic was removed in a dead code removal in
OpenSSL commit
92ada7cc, but the variable l was left behind, which leads
to compiler warnings on some platforms. End its sad life pointlessly
and incorrectly measuring column width and remove it.
ok jsing
anton [Thu, 11 Aug 2022 09:22:38 +0000 (09:22 +0000)]
Revert previous commit as the bounds check was correct.
claudio [Thu, 11 Aug 2022 09:15:35 +0000 (09:15 +0000)]
Add information about TCP_INFO. Be a bit vague about struct tcp_info since
it is not standardised.
claudio [Thu, 11 Aug 2022 09:13:21 +0000 (09:13 +0000)]
Add TCP_INFO support to getsockopt for tcp sessions.
TCP_INFO provides a lot of information about the TCP session of this socket.
Many processes like to peek at the rtt of a connection but this also provides
a lot of more special info for use by e.g. tcpbench(1).
While the basic minimal info is available all the time the more specific
data is only populated for privileged processes. This is done to not share
data back to userland that may allow to attack a session.
TCP_INFO is available to pledge "inet" since pledged processes like chrome
tend to use TCP_INFO when available.
OK bluhm@
nicm [Thu, 11 Aug 2022 09:11:26 +0000 (09:11 +0000)]
vi(1) Home/End bindings, from Markus F X J Oberhumer.
anton [Thu, 11 Aug 2022 07:32:57 +0000 (07:32 +0000)]
Remove prefix from nested battery struct fields.
tb [Thu, 11 Aug 2022 02:56:34 +0000 (02:56 +0000)]
Revert uLong -> z_off_t change in the kernel
The kernel source assumes the original zlib ABI. There is no reason to
stick to this local change. Pull in a fix matching ctfdump.c -r1.26.
This is hopefully the last change necessary to undo a painful hack that
was committed 19 years ago without ok. Someone owes me a lot of beer...
ok millert
djm [Thu, 11 Aug 2022 01:57:50 +0000 (01:57 +0000)]
add some tests for parse_absolute_time(), including cases where it
is forced to the UTC timezone. bz3468 ok dtucker
djm [Thu, 11 Aug 2022 01:56:51 +0000 (01:56 +0000)]
allow certificate validity intervals, sshsig verification times and
authorized_keys expiry-time options to accept dates in the UTC time
zone in addition to the default of interpreting them in the system
time zone. YYYYMMDD and YYMMDDHHMM[SS] dates/times will be
interpreted as UTC if suffixed with a 'Z' character.
Also allow certificate validity intervals to be specified in raw
seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This
is intended for use by regress tests and other tools that call
ssh-keygen as part of a CA workflow.
bz3468 ok dtucker
mglocker [Wed, 10 Aug 2022 20:19:22 +0000 (20:19 +0000)]
Fix off-by-one in channel count, from NetBSD.
"Looks right" deraadt@
miod [Wed, 10 Aug 2022 17:37:48 +0000 (17:37 +0000)]
Fix Gdium boot setup.
patrick [Wed, 10 Aug 2022 17:02:37 +0000 (17:02 +0000)]
On the Qualcomm SoC as implemented on the Lenovo x13s the BIOS already
configures and makes use of the SMMU. We need to keep those mappings
alive as otherwise the machine will die and reboot. Unfortunately we
cannot simply set those domains to bypass, as when we set a domain to
bypass it is actually set to fault. Instead reserve a domain and set
it to disabled, which behaves the same as if we used a bypass mapping.
With feedback from kettenis@
patrick [Wed, 10 Aug 2022 16:58:16 +0000 (16:58 +0000)]
Provide the AML root in ACPI's softc so that drivers that need access
don't have to declare it using extern.
Suggested by and with feedback from kettenis@
Tested by deraadt@ on arm64, amd64 and i386
Tested by bluhm@ on amd64 and i386
tb [Wed, 10 Aug 2022 16:51:26 +0000 (16:51 +0000)]
Avoid signed integer overflow due to unary negation
The current X509_print_ex() tries too hard pretty printing negative
serialNumbers (which shouldn't occur in the first place). In particular,
negating LONG_MAX leads to signed overflow. Ditch the code dealing with
negative serialNumbers representable as long and fall back to the long
form printing. This simplifies the code and fixes
oss-fuzz #49944
with/ok jsing
miod [Wed, 10 Aug 2022 15:00:58 +0000 (15:00 +0000)]
Also attach spdmem on Gdium.
job [Wed, 10 Aug 2022 14:54:03 +0000 (14:54 +0000)]
Clarify warning related to ROA eContent
job [Wed, 10 Aug 2022 14:37:33 +0000 (14:37 +0000)]
Disallow AS Resources extension on ROA EE certificates
The ROA specification (RFC 6482 section 4) is a bit underspecified, however
in the wild the RFC 3779 AS Resources extension never ever appears on ROA EE
certificates, as it serves no purpose in the validation process.
OK tb@
tb [Wed, 10 Aug 2022 14:21:24 +0000 (14:21 +0000)]
Reverse NULL check in krVPN6_change()
This matches the VPN4 code and avoids a NULL deref in the else branch.
ok claudio
claudio [Wed, 10 Aug 2022 14:17:01 +0000 (14:17 +0000)]
More kroute_nexthop cleanup. Mainly use direct assignment instead of
memcpy(). Additionally replace a bzero() with memset() and remove to
superfluous bzero calls.
OK tb@
nicm [Wed, 10 Aug 2022 14:03:59 +0000 (14:03 +0000)]
Fix check of home directory (&& not ||), from Markus F X J Oberhumer,
GitHub issue 3297.
miod [Wed, 10 Aug 2022 12:20:05 +0000 (12:20 +0000)]
Pass the "good random" flag from the bootblocks to the kernel when applicable.
tb [Wed, 10 Aug 2022 12:06:28 +0000 (12:06 +0000)]
Cast int64_t to uint64_t for negating
Avoid signed integer overflow by casting an int64_t to uint64_t before
negating. Same fix was applied in a_int.c -r1.44, but was forgotten to
be applied to a_enum.c.
ok jsing
tb [Wed, 10 Aug 2022 11:15:08 +0000 (11:15 +0000)]
Only print versions we know about
The version field of an X.509 Certificate is an enum
Version ::= INTEGER { v1(0), v2(1), v3(2) }
Printing the version as l + 1 only really makes sense with 0 <= l <= 2.
Otherwise print a naked l while also indicating that it is an unknown
version.
ok jsing
claudio [Wed, 10 Aug 2022 11:11:02 +0000 (11:11 +0000)]
Fix logic in network_dump_upcall()
The nexthop can be valid but still a NULL pointer. In that case just set
the aid like it is done for invalid nexthops. If the nexthop is set by
explicitly specifying one then include the exit_nexthop, that is the
nexthop that is relevant for BGP. Further cleanup the function as usual.
OK tb@
miod [Wed, 10 Aug 2022 11:05:50 +0000 (11:05 +0000)]
Add iic at glxpcib, to get spdmem to attach on 2F-based systems.
miod [Wed, 10 Aug 2022 10:41:35 +0000 (10:41 +0000)]
Remove alpha kernel code to process userland misaligned accesses, and the
machdep.unaligned_* sysctl to control its behaviour. Such code made sense more
than 20 years ago where a lot of code was not 64-bit clean, but this is no
longer the case those days.
ok jsg@ millert@ deraadt@
job [Wed, 10 Aug 2022 10:27:03 +0000 (10:27 +0000)]
Decrease how long to wait for the remote peer to send IO before giving up
If a repository is uncommunicative, rpki-client will try other transports,
or come back later (because of a next crontab invocation).
OK claudio@
claudio [Wed, 10 Aug 2022 10:21:47 +0000 (10:21 +0000)]
fixup header for bgpctl show network so it lines up again.
OK tb@
mvs [Wed, 10 Aug 2022 09:01:48 +0000 (09:01 +0000)]
Remove netlock assertion from vlan_ioctl(). Now (*if_ioctl)() called
without netlock for SIOC{G,S}IFMEDIA commands.
ok bluhm@
tb [Wed, 10 Aug 2022 07:58:04 +0000 (07:58 +0000)]
Fix two compiler warnings resulting from last zlib bump
total_out is now an unsigned long, so a format string warning is issued
on all architectures. Fix this and also fix the format string for the
off_t len, which is signed, not unsigned.
Comparing an unsigned long to an off_t involves implementation-defined
behavior for values > LONG_MAX on 64-bit architectures, so the compiler
complains. Fix this by checking that len >= 0 and then casting both sides
to a wider type.
reported by and ok deraadt
tb [Wed, 10 Aug 2022 07:50:16 +0000 (07:50 +0000)]
Build the Compress::Raw::Zlib perl module with /usr/lib/libz
Two actively used copies of zlib in base are enough. This simplifies
handling security fixes. Now that zlib.h r1.7 is reverted, zlib ffi
works fine on 32-bit architectures.
Compared with an earlier attempt in March, this disables the Z_SOLO build
option (problem found by gkoehler) and fixes two regress tests to work
with zlib 1.2.12. Corresponding upstream commits:
https://github.com/pmqs/Compress-Raw-Zlib/commit/
c44e0b732e214b7f77d42a3af6ae64e
https://github.com/pmqs/Compress-Raw-Zlib/commit/
f47ea5f36c40fe19efe404dd75fd790
ok bluhm
tb [Wed, 10 Aug 2022 07:40:37 +0000 (07:40 +0000)]
Remove games from the default $PATH in /etc/skel
The games are a playground for developers. Their code is very old and full
of bugs.
ok deraadt kn
jsg [Wed, 10 Aug 2022 03:18:19 +0000 (03:18 +0000)]
match other archs use %s for version printf
kn [Tue, 9 Aug 2022 21:10:02 +0000 (21:10 +0000)]
Backout "Call getuptime() just once per function"
This caused stuck ndp cache entries as found by naddy, sorry.
deraadt [Tue, 9 Aug 2022 21:09:40 +0000 (21:09 +0000)]
sync