djm [Mon, 28 Aug 2023 04:06:52 +0000 (04:06 +0000)]
explicit long long type in timing calculations (doesn't matter, since
the range is pre-clamped)
djm [Mon, 28 Aug 2023 03:31:16 +0000 (03:31 +0000)]
Add keystroke timing obfuscation to the client.
This attempts to hide inter-keystroke timings by sending interactive
traffic at fixed intervals (default: every 20ms) when there is only a
small amount of data being sent. It also sends fake "chaff" keystrokes
for a random interval after the last real keystroke. These are
controlled by a new ssh_config ObscureKeystrokeTiming keyword/
feedback/ok markus@
djm [Mon, 28 Aug 2023 03:28:43 +0000 (03:28 +0000)]
Introduce a transport-level ping facility
This adds a pair of SSH transport protocol messages SSH2_MSG_PING/PONG
to implement a ping capability. These messages use numbers in the "local
extensions" number space and are advertised using a "ping@openssh.com"
ext-info message with a string version number of "0".
ok markus@
tb [Sun, 27 Aug 2023 16:09:41 +0000 (16:09 +0000)]
sync
schwarze [Sun, 27 Aug 2023 15:33:08 +0000 (15:33 +0000)]
Move the weak SHA-1 and MD5 hashes out of EVP_DigestInit(3)
into a new EVP_sha1(3) manual page, and also mention EVP_md4(3) there.
Using input from tb@ and jsing@, who like the general direction.
schwarze [Sun, 27 Aug 2023 13:23:12 +0000 (13:23 +0000)]
document the return value of EVP_PKEY_asn1_find(3) and
the "len" argument and the return value of EVP_PKEY_asn1_find_str(3)
schwarze [Sun, 27 Aug 2023 13:15:29 +0000 (13:15 +0000)]
EVP_PKEY_set_type_str(3) is now documented, so switch from .Fn to .Xr
schwarze [Sun, 27 Aug 2023 13:08:15 +0000 (13:08 +0000)]
document EVP_PKEY_set_type_str(3)
cheloha [Sat, 26 Aug 2023 22:21:00 +0000 (22:21 +0000)]
clockintr: add clockqueue_intrclock_install()
At some point, clockintr_cpu_init() is going to go away. However,
there will still need to be a way to add an intrclock to a struct
clockintr_queue.
Add a new internal interface, clockqueue_intrclock_install(). If the
given clockintr_queue does not yet have an intrclock installed, it
copies the contents of the given intrclock to the clockintr_queue's
private intrclock (cq_intrclock) and sets CQ_INTRCLOCK in cq_flags.
I'm using the verb "install" here instead of "attach" because an
intrclock is really just a vtable that we copy into the
clockintr_queue. The original intrclock is in no way "bound" or
"affixed" to a particular clockintr_queue: it's more akin to a stamp
that can be reused to initialize any number of individual
clockintr_queue structs.
schwarze [Sat, 26 Aug 2023 15:14:28 +0000 (15:14 +0000)]
add the missing information that and how flags can be combined,
and add the missing link to evp(3)
schwarze [Sat, 26 Aug 2023 15:12:04 +0000 (15:12 +0000)]
Write documentation for EVP_CIPHER_CTX_buf_noconst(3) from scratch.
Put it here rather than into EVP_EncryptInit(3) because similar to
EVP_CIPHER_CTX_get_cipher_data(3), application software should not
use it. These functions will likely not be needed except by people
implementing custom encryption algorithms.
schwarze [Sat, 26 Aug 2023 15:01:56 +0000 (15:01 +0000)]
write documentation for EVP_CIPHER_CTX_copy(3)
and EVP_CIPHER_CTX_encrypting(3) from scratch
jmc [Sat, 26 Aug 2023 15:01:00 +0000 (15:01 +0000)]
word fix in comment; from crystal kolipe
dlg [Sat, 26 Aug 2023 11:33:46 +0000 (11:33 +0000)]
umb can use p2p_input as an if_input handler.
umb(4) is a hardware p2p driver, it just has ip coming in, so we can do
the same thing we do for the address family and input processing as
other p2p interfaces.
the short packet check that umb_input does is already done by the ip
stacks, so we're not losing anything.
tested by gerhard@ mbuhl@
ok gerhard@
visa [Sat, 26 Aug 2023 11:10:05 +0000 (11:10 +0000)]
Update to reflect current functionality.
tb [Sat, 26 Aug 2023 10:32:35 +0000 (10:32 +0000)]
sync
visa [Sat, 26 Aug 2023 09:37:43 +0000 (09:37 +0000)]
Adapt glxclk(4) for clockintr
Make glxclk(4) functional again. The MFGPT provides the CPU core
an external clock interrupt. This interrupt enables a later change
that reduces energy usage when the system is idle. Also, the use
of the external clock fixes timekeeping when the core clock
frequency is adjusted.
stsp [Sat, 26 Aug 2023 09:05:34 +0000 (09:05 +0000)]
fix iwx scan command such that the driver selects an SSID during bgscan
The driver was asking firmware to send probe requests during background
scans without having any SSID selected, which doesn't make sense.
With that fixed I see faster background scans that no longer display
every AP in range in debug logs, while relevant APs always show up.
This is a possible fix for fatal firmware error 0x20002806 which is
known to be related to bad scan commands and appeared with our upgrade
to the -77 firmware API. Not yet confirmed because it is difficult to
trigger this error on purpose.
Apparently this change also repairs stability issues on AX210.
I have never seen such issues first-hand and have no clue how they
might relate to this change. One plausible theory is that our bogus
bgscan command would trigger bad side-effects in firmware.
Tested:
ax200: jmc@, stsp@
ax210: Laurence Tratt, sf@
jsg [Sat, 26 Aug 2023 06:19:09 +0000 (06:19 +0000)]
transfering -> transferring
tb [Sat, 26 Aug 2023 02:59:13 +0000 (02:59 +0000)]
Remove two unnecessary local variables
deraadt [Sat, 26 Aug 2023 01:38:28 +0000 (01:38 +0000)]
provide some strong warnings about dlopen
ok guenther millert jmc
schwarze [Fri, 25 Aug 2023 18:39:04 +0000 (18:39 +0000)]
make the one-line description read better
and be more specific below RETURN VALUES;
OK tb@
schwarze [Fri, 25 Aug 2023 18:22:41 +0000 (18:22 +0000)]
In evp.h rev.s 1.90 and 1.97, tb@ provided EVP_CIPHER_CTX_get_cipher_data(3)
and EVP_CIPHER_CTX_set_cipher_data(3).
Import the manual page from the OpenSSL 1.1 branch, which is still
under a free licence, with several improvements by me.
schwarze [Fri, 25 Aug 2023 13:26:27 +0000 (13:26 +0000)]
fix eight more instances of copy & paste glitches
schwarze [Fri, 25 Aug 2023 12:45:45 +0000 (12:45 +0000)]
new manual page MB_CUR_MAX(3) written from scratch;
OK guenther@ stsp@ jmc@
schwarze [Fri, 25 Aug 2023 12:37:33 +0000 (12:37 +0000)]
KNF, no assembly change
OK tb@ jsing@
tb [Fri, 25 Aug 2023 11:43:14 +0000 (11:43 +0000)]
Mention another bug for EVP_add_{cipher,digest}(3)
tb [Fri, 25 Aug 2023 10:54:44 +0000 (10:54 +0000)]
Improve EVP_add_cipher.3 a bit
Fix some copy-paste errors in the prototypes, tweak the explanatory text
and add some more details.
tb [Fri, 25 Aug 2023 05:38:52 +0000 (05:38 +0000)]
Add more cross references
tb [Fri, 25 Aug 2023 05:30:55 +0000 (05:30 +0000)]
sync
tb [Fri, 25 Aug 2023 05:29:35 +0000 (05:29 +0000)]
Document EVP_add_{cipher,digest} and friends
These and EVP_{add,remove}_{cipher,digest}_alias() are mostly for internal
use.
tb [Fri, 25 Aug 2023 02:17:41 +0000 (02:17 +0000)]
zap a stray space
jsg [Thu, 24 Aug 2023 06:31:08 +0000 (06:31 +0000)]
drm/amdgpu: keep irq count in amdgpu_irq_disable_all
From Guchun Chen
ab63f883bfdcfffde60f18918d6c850700eac0fb in linux-6.1.y/6.1.47
8ffd6f0442674f32c048ec8dffdbc5ec67829beb in mainline linux
jsg [Thu, 24 Aug 2023 06:29:16 +0000 (06:29 +0000)]
drm/amd/pm: skip the RLC stop when S0i3 suspend for SMU v13.0.4/11
From Tim Huang
8abce61273c2815ea2ca096ecfb030c4b9e4e686 in linux-6.1.y/6.1.47
730d44e1fa306a20746ad4a85da550662aed9daa in mainline linux
jsg [Thu, 24 Aug 2023 06:27:21 +0000 (06:27 +0000)]
drm/amd/display: Implement workaround for writing to OTG_PIXEL_RATE_DIV register
From Saaem Rizvi
4bdfe20d85b32274234bbcd705d5547fd70a4ea1 in linux-6.1.y/6.1.47
74fa4c81aadf418341f0d073c864ea7dca730a2e in mainline linux
jsg [Thu, 24 Aug 2023 06:24:54 +0000 (06:24 +0000)]
drm/amd/display: disable RCO for DCN314
From Daniel Miess
d4008eadfce5d7791bf078f5e51ba5b735fd8c09 in linux-6.1.y/6.1.47
85e41f1ed5d94a26fe4e57003c399936d291ed70 in mainline linux
jsg [Thu, 24 Aug 2023 06:23:09 +0000 (06:23 +0000)]
drm/amdgpu/pm: fix throttle_status for other than MP1 11.0.7
From Umio Yasuno
7de99bf5bcd6d04b2202dd908782cc05edca0340 in linux-6.1.y/6.1.47
6a92761a86817ad15c9a562e2a809386237fae3e in mainline linux
jsg [Thu, 24 Aug 2023 06:21:03 +0000 (06:21 +0000)]
drm/amdgpu: skip fence GFX interrupts disable/enable for S0ix
From Tim Huang
9c8c2cf9f9bce4fa4c4c4e821bdaa4e15762e403 in linux-6.1.y/6.1.47
f1740b1ab2703b2a057da7cf33b03297e0381aa0 in mainline linux
jsg [Thu, 24 Aug 2023 06:19:20 +0000 (06:19 +0000)]
drm/amd: flush any delayed gfxoff on suspend entry
From Mario Limonciello
e1cbd5637f37e7facfd38d19cda4a36a85780613 in linux-6.1.y/6.1.47
a7b7d9e8aee4f71b4c7151702fd74237b8cef989 in mainline linux
jsg [Thu, 24 Aug 2023 06:17:19 +0000 (06:17 +0000)]
drm/i915/sdvo: fix panel_type initialization
From Jani Nikula
df1566ce41ee6c477e82816c10fca3d0b4291de4 in linux-6.1.y/6.1.47
2002eb6d3ea954dde9f8a223018d5335779937d0 in mainline linux
jsg [Thu, 24 Aug 2023 06:15:44 +0000 (06:15 +0000)]
drm/amd/display: fix access hdcp_workqueue assert
From Hersen Wu
402f1d86ea26c160841da4eb46b0ad8606ab52b3 in linux-6.1.y/6.1.47
cdff36a0217aadf5cbc167893ad1c0da869619cb in mainline linux
jsg [Thu, 24 Aug 2023 06:14:13 +0000 (06:14 +0000)]
drm/amd/display: phase3 mst hdcp for multiple displays
From hersen wu
81e6cf447a2e3affcf54928c01b2476bca28916b in linux-6.1.y/6.1.47
e8fd3eeb5e8711af39b00642da06474e52f4780c in mainline linux
jsg [Thu, 24 Aug 2023 06:12:32 +0000 (06:12 +0000)]
drm/amd/display: save restore hdcp state when display is unplugged from mst hub
From hersen wu
d90f97cb3821c47bdf773dcf6cade143773ec764 in linux-6.1.y/6.1.47
82986fd631fa04bcedaefe11a6b3767601cbe84f in mainline linux
jsg [Thu, 24 Aug 2023 06:10:10 +0000 (06:10 +0000)]
drm/amdgpu: Fix potential fence use-after-free v2
From shanzhulig
dd0b3b367c3839e439f36af908b39c98929a5e54 in linux-6.1.y/6.1.47
2e54154b9f27262efd0cb4f903cc7d5ad1fe9628 in mainline linux
jsg [Thu, 24 Aug 2023 06:08:35 +0000 (06:08 +0000)]
drm/amd/display: Enable dcn314 DPP RCO
From Daniel Miess
359ec0952cbb15d44d6eeda10dc2c147d0d37a65 in linux-6.1.y/6.1.47
17fbdbda9cc87ff5a013898de506212d25323ed7 in mainline linux
jsg [Thu, 24 Aug 2023 06:07:04 +0000 (06:07 +0000)]
drm/amd/display: Skip DPP DTO update if root clock is gated
From Nicholas Kazlauskas
5447155001e6aa30d55b06a5b4ff799fd3a1f51d in linux-6.1.y/6.1.47
30f90f3c1c2c63c2fa44f61233737d27b72637c2 in mainline linux
jsg [Thu, 24 Aug 2023 06:05:23 +0000 (06:05 +0000)]
drm/amd/display: Apply 60us prefetch for DCFCLK <= 300Mhz
From Alvin Lee
fbd9332d32ec2e4963620dbfa23d802dd98973be in linux-6.1.y/6.1.47
7e60ab4eb3e4ba2adac46d737fdbbc5732bebd58 in mainline linux
jsg [Thu, 24 Aug 2023 06:03:05 +0000 (06:03 +0000)]
drm/amdgpu: install stub fence into potential unused fence pointers
From Lang Yu
78b25110eb8c6990f7f5096bc0136c12a2b4cc99 in linux-6.1.y/6.1.47
187916e6ed9d0c3b3abc27429f7a5f8c936bd1f0 in mainline linux
jsg [Thu, 24 Aug 2023 06:01:11 +0000 (06:01 +0000)]
drm/amdgpu: fix memory leak in mes self test
From Jack Xiao
ce3288d8d654b252ba832626e7de481c195ef20a in linux-6.1.y/6.1.47
31d7c3a4fc3d312a0646990767647925d5bde540 in mainline linux
jsg [Thu, 24 Aug 2023 05:59:58 +0000 (05:59 +0000)]
drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1
From hackyzh002
9f55d300541cb5b435984d269087810581580b00 in linux-6.1.y/6.1.47
87c2213e85bd81e4a9a4d0880c256568794ae388 in mainline linux
jsg [Thu, 24 Aug 2023 05:58:07 +0000 (05:58 +0000)]
drm/amdgpu: fix calltrace warning in amddrm_buddy_fini
From Longlong Yao
ab6f446c220db0c131f2071846afd835799be0fb in linux-6.1.y/6.1.47
01382501509871d0799bab6bd412c228486af5bf in mainline linux
tb [Thu, 24 Aug 2023 04:56:36 +0000 (04:56 +0000)]
cms_content_bio() is not used outside of cms_lib.c
Make it a static function and remove its prototype from the internal
header.
tb [Thu, 24 Aug 2023 04:54:26 +0000 (04:54 +0000)]
Some tweaking of cms_content_bio()
More idiomatic error checking and drop an always false test for !*pos. Use
a slightly closer approximation to actual English sentences in comments.
ok jsing
tb [Thu, 24 Aug 2023 04:46:56 +0000 (04:46 +0000)]
Better names for the BIOs in CMS_dataInit()
Rename cmsbio into cms_bio and use {,in_}content_bio for {,i}cont.
ok jsing
tb [Thu, 24 Aug 2023 04:33:08 +0000 (04:33 +0000)]
Update references from RFC 7539 to RFC 8439
RFC 7539 was superseded by RFC 8439, incorporating errata and making
editorial improvements. Very little of substance changed, in particular
section numbers remain the same.
Prompted by a question from schwarze
tb [Thu, 24 Aug 2023 04:23:30 +0000 (04:23 +0000)]
Align the documentation of EVP_chacha20() with actual behavior
Incorrect OpenSSL documentation was moved here and inherited parts of a
comment that was fixed in evp/e_chacha.c r1.13. Adjust the manual page
accordingly.
Discussed with schwarze
tb [Thu, 24 Aug 2023 04:20:57 +0000 (04:20 +0000)]
Clarify how the EVP IV is used with ChaCha
EVP_chacha20() was aligned to follow OpenSSL's nonconformant implementation
during a2k20 by djm and myself in an effort to allow OpenSSH to use the
OpenSSL 1.1 API. Some corresponding OpenSSL 1.1 documentation was imported
at the same time. A comment attempted to translate between implementation
and the incorrect documentation, which was necessarily gibberish. Improve
the situation by rephrasing and dropping nonsensical bits.
Prompted by a question of schwarze
schwarze [Wed, 23 Aug 2023 13:46:42 +0000 (13:46 +0000)]
Mention key and nonce lengths of AEAD ciphers.
Mention portability considerations regarding the EVP_AEAD API.
Avoid confusing words like "older" and "native" API, be specific.
Mention RFC 7905.
Move publications we don't implement from STANDARDS to CAVEATS.
Based on input from jsing@ and tb@, OK tb@.
nicm [Wed, 23 Aug 2023 08:40:25 +0000 (08:40 +0000)]
Add -c to run-shell to set working directory, from someone in GitHub
issue 3661.
nicm [Wed, 23 Aug 2023 08:30:07 +0000 (08:30 +0000)]
Log what input_dcs_dispatch does with the input data.
cheloha [Wed, 23 Aug 2023 01:55:45 +0000 (01:55 +0000)]
all platforms: separate cpu_initclocks() from cpu_startclock()
To give the primary CPU an opportunity to perform clock interrupt
preparation in a machine-independent manner we need to separate the
"initialization" parts of cpu_initclocks() from the "start the clock
interrupt" parts. Currently, cpu_initclocks() does everything all at
once, so there is no space for this MI setup.
Many platforms have more-or-less already done this separation by
implementing a separate routine named "cpu_startclock()". This patch
promotes cpu_startclock() from de facto standard to mandatory API.
- Prototype cpu_startclock() in sys/systm.h alongside cpu_initclocks().
The separation of responsibility between the two routines is a bit
fuzzy but the basic guidelines are as follows:
+ cpu_initclocks() must initialize hz, stathz, and profhz, and call
clockintr_init().
+ cpu_startclock() must call clockintr_cpu_init() and start the clock
interrupt cycle on the calling CPU.
These guidelines will shift in the future, but that's the way things
stand as of *this* commit.
- In initclocks(): first call cpu_initclocks(), then do MI setup, and
last call cpu_startclock().
- On platforms where cpu_startclock() already exists: don't call
cpu_startclock() from cpu_initclocks() anymore.
- On platforms where cpu_startclock() doesn't yet exist: implement it.
Usually this is as simple as dividing cpu_initclocks() in two.
Tested on amd64 (i8254, lapic), arm64, i386 (i8254, lapic), macppc,
mips64/octeon, and sparc64. Tested on arm/armv7 (agtimer(4)) by
phessler@ and jmatthew@. Tested on m88k/luna88k by aoyama@. Tested
on powerpc64 by gkoehler@ and mlarkin@. Tested on riscv64 by
jmatthew@.
Thread: https://marc.info/?l=openbsd-tech&m=
169195251322149&w=2
cheloha [Tue, 22 Aug 2023 17:13:22 +0000 (17:13 +0000)]
i386: i8254_initclocks: set IPL_MPSAFE for clock/rtc IRQs
Setting IPL_MPSAFE for the i8254/mc146818 IRQs appeases a KASSERT in
apic_intr_establish() and allows the system to boot via the i8254
path. This makes testing changes to the i8254/mc146818 code much
easier on modern hardware without mucking with the GENERIC config. We
already set IPL_MPSAFE for these IRQs in the equivalent amd64 code.
Now, setting IPL_MPSAFE is a lie: the i8254 and mc146818 IRQs are not
MP-safe. However, the lie is harmless because we only reach
i8254_initclocks() if (a) there is no APIC at all, or (b) we fail to
calibrate the local APIC timer.
Thread: https://marc.info/?l=openbsd-tech&m=
169258915227321&w=2
ok mlarkin@
jsg [Tue, 22 Aug 2023 13:46:20 +0000 (13:46 +0000)]
avoid an ifdef in hardclock()
ok miod@ cheloha@
gerhard [Tue, 22 Aug 2023 12:50:27 +0000 (12:50 +0000)]
Don't fail in ober_scanf_elements() when encountering empty sequences.
Ok martijn@
tb [Tue, 22 Aug 2023 08:59:44 +0000 (08:59 +0000)]
Pull the NULL check for cmsbio into the switch
ok jsing
tb [Tue, 22 Aug 2023 08:44:15 +0000 (08:44 +0000)]
Plug a leak of cont in CMS_dataInit()
This and ts/ts_rsp_sign.c r1.32 were part of OpenSSL
309e73df.
ok jsing
tb [Tue, 22 Aug 2023 08:09:36 +0000 (08:09 +0000)]
Plug a leak of ASN1_INTEGR in def_serial_cb()
ok jsing
jsg [Tue, 22 Aug 2023 03:51:45 +0000 (03:51 +0000)]
SUPDISFILES -> SUPDISTFILES
bluhm [Mon, 21 Aug 2023 21:45:18 +0000 (21:45 +0000)]
Fix receiving VLAN packets if LRO is enabled on ix(4).
The vlan packet bit is only valid for the last descriptor's receive
status. When receiving just one buffer per packet, it makes no
difference, but with LRO there are multiple descriptors. Checking
only the first one resulted in VLAN headers being stripped and large
packets appear as regular on ix interface. Move the code setting
vlan tag from first to last descriptor.
bug reported and fix tested by Hrvoje Popovski
OK jan@
tobhe [Mon, 21 Aug 2023 21:16:18 +0000 (21:16 +0000)]
Log errors in kex_exchange_identification() with level verbose instead
of error to reduce preauth log spam. All of those get logged with a more
generic error message by sshpkt_fatal().
feedback from sthen@
ok djm@
miod [Mon, 21 Aug 2023 20:17:30 +0000 (20:17 +0000)]
Remove dead code.
kn [Mon, 21 Aug 2023 18:56:06 +0000 (18:56 +0000)]
cover force recreation (with smallest non-default number of rounds)
The idea is for a later diff to inspect -v output wrt. chosen number of
rounds in order to a) test -r behaviour and b) confirm that '-Cforce -rN'
that a value has been recreated (output is identical for attach an create).
kn [Mon, 21 Aug 2023 17:55:51 +0000 (17:55 +0000)]
rename target to reflect reality
Volumes can be recreated, but the same chunk cannot be used twice.
This is what '-C force' is for.
cheloha [Mon, 21 Aug 2023 17:22:04 +0000 (17:22 +0000)]
clockintr: remove support for independent schedclock()
Remove the scaffolding for an independent schedclock(). With the
removal of the independent schedclock() from alpha, schedhz is zero on
all platforms and this schedclock-specific code is now unused.
It is possible that schedclock() will repurposed for use in the
future. Even if this happens, the schedclock handle will not live in
struct clockintr_queue.
kn [Mon, 21 Aug 2023 16:58:14 +0000 (16:58 +0000)]
= ought to be += in previous
kn [Mon, 21 Aug 2023 15:59:38 +0000 (15:59 +0000)]
cover expected failures for volume recreation and the empty passphrase
cheloha [Mon, 21 Aug 2023 15:19:09 +0000 (15:19 +0000)]
alpha: stop running an independent schedclock()
alpha is the only platform still running an independent schedclock().
Disabling it brings alpha's scheduling behavior into line with that of
every other platform.
With this patch, all platforms call schedclock() from statclock() at
an effective schedhz of ~12.5.
kn [Mon, 21 Aug 2023 14:33:55 +0000 (14:33 +0000)]
No need to make_dev() existing root device in disk crypto question
Since r1.1245 encrypt_root() happens immediately after get_rootinfo().
the latter creates device files for the root disk (and aborts if make_dev()
fails), so encrypt_root()'s call on the softraid chunk is purely redundant.
Hoist _chunk definition into declaration while here.
kn [Mon, 21 Aug 2023 14:25:22 +0000 (14:25 +0000)]
most tests need root, add targets using ${SUDO} to REGRESS_ROOT_TARGETS
espie [Mon, 21 Aug 2023 12:54:04 +0000 (12:54 +0000)]
more relevant instance of port with SUPDISTFILES, bootstrap stuff
on various architectures is often a good candidate
jsg [Mon, 21 Aug 2023 11:12:28 +0000 (11:12 +0000)]
a whois command appeared in 4.1c before 4.3
espie [Mon, 21 Aug 2023 10:12:23 +0000 (10:12 +0000)]
document the new DISTFILES.sufx infrastructure
tb [Mon, 21 Aug 2023 09:52:30 +0000 (09:52 +0000)]
ec_ameth: clean up eckey_{pub,priv}_encode()
Factor eckey_param_free() out of eckey_pub_encode(). ASN1_OBJECT_free()
is not actually needed. This will be addressed later.
i2o_ECPublicKey() allocates internally if *out == NULL, so no need to do
the two-call dance. Its return value is documented to be <= 0 on error,
which is wrong in the sense that only 0 is returned. Keep using the same
check for <= 0 as everywhere else.
Set of EC_PKEY_NO_PARAMETERS after the poorly named eckey_param2type() to
avoid potential underhanded side effects.
In eckey_priv_encode(), error exits would leak pval was leaked a few times.
Avoid this and simplify using i2d's internal allocation. Reinstate the
flags in a single error path.
ok jsing
kn [Mon, 21 Aug 2023 08:59:18 +0000 (08:59 +0000)]
Remove retry loop crutch around disk passphrase prompt
bioctl(8) now retries itself on mismatch so the installer continues until
the passphrase is confirmed correctly (like for the root password) instead
of bailing out after three failed attempts.
kn [Mon, 21 Aug 2023 08:33:11 +0000 (08:33 +0000)]
Retry passphrase on mismatch by default
Gracefully prompt again during interactive creation and passphrase change on
CRYPTO/1C volumes when confirmation fails instead of exiting, so bioctl(8)
behaves more like passwd(1) in this regard.
Use -s aka. non-interactive scripting mode to try just once.
Input OK jsing op
kn [Mon, 21 Aug 2023 08:13:37 +0000 (08:13 +0000)]
Print softraid(4) errors on standard error
INFO messages remain on stdin, WARN/ERROR go to stderr as usual to make
silencing and scripting bioctl(8) easier.
OK op jsing
anton [Mon, 21 Aug 2023 05:10:25 +0000 (05:10 +0000)]
bioctl tests needs root
djm [Mon, 21 Aug 2023 04:59:54 +0000 (04:59 +0000)]
correct math for ClientAliveInterval that caused the probes to be
sent less frequently than configured; from Dawid Majchrzak
djm [Mon, 21 Aug 2023 04:36:46 +0000 (04:36 +0000)]
want stdlib.h for free(3)
jsg [Mon, 21 Aug 2023 03:26:42 +0000 (03:26 +0000)]
spelling
visa [Mon, 21 Aug 2023 01:37:56 +0000 (01:37 +0000)]
Make kdump show kqueue1(2) flags.
OK guenther@
guenther [Mon, 21 Aug 2023 01:35:43 +0000 (01:35 +0000)]
cpu_idle_{enter,leave}() are no-ops in ASM; replace them
with no-op macros.
ok gkoehler@
kn [Sun, 20 Aug 2023 23:19:00 +0000 (23:19 +0000)]
First tests for bioctl(8), start with scripted creation + passphrase change
These are meant for CLI bits like passphrase hashing, error handling and
interactive vs. scripted behaviour.
regress/sys/dev/softraid/ and stuff like regress/usr.sbin/installboot/
already test specific softraid(4) disciplines and disk handling.
kn [Sun, 20 Aug 2023 22:38:49 +0000 (22:38 +0000)]
stricter devname match on bioctl(8) output avoids false positives on failure
tb [Sun, 20 Aug 2023 22:35:52 +0000 (22:35 +0000)]
Make some global variables const
tb [Sun, 20 Aug 2023 22:32:15 +0000 (22:32 +0000)]
Bye bye to all people out there
tb [Sun, 20 Aug 2023 22:30:55 +0000 (22:30 +0000)]
Add some spaces after comma
tb [Sun, 20 Aug 2023 22:27:52 +0000 (22:27 +0000)]
unifdef -D FULL_TEST
tb [Sun, 20 Aug 2023 22:26:24 +0000 (22:26 +0000)]
knfmt(1) to the rescue
tb [Sun, 20 Aug 2023 22:22:55 +0000 (22:22 +0000)]
Another OPENSSL_NO_DEPRECATED hits the bit bucket