tb [Thu, 4 Jan 2024 20:02:10 +0000 (20:02 +0000)]
Remove last external call to EVP_PKEY_meth_find()
In order to determine whether GOST is properly enabled, libssl has various
weird dances. In this specific case, it calls EVP_PKEY_meth_find() to see
whether the relevant cipher is around. Check the same thing with an #ifdef
instead.
ok jsing
espie [Thu, 4 Jan 2024 18:17:47 +0000 (18:17 +0000)]
make auto-index better
- make it an actual table
- use "human readable sizes" for the file sizes
- add some decoration and javascript to be able to sort it per-column
(client side) (this means some extra column attribute)
- add glue to facilitate embedding js + css directly in the program
- add some graphical indication for directories
- should still validate as proper html everywhere (custom properties
need to be called data-* for this!)
Work with claudio@ and tb@, many thanks to claudio@ for some of the finer
points of css handling, and tb@ for some fine spaces fixes.
I've tried it with lynx as well, shows up correctly.
One big plus is that the size of columns work as utf-8, so you can expose
filenames without any problems (I've tried it with non-js text navigators
as well as firefox, chromium and friends)
And it looks slightly less yahoo ca. 1995.
It's still "one size fits all". If people object to the current look, adding
httpd.conf(5) properties to override the default css should be easy.
okay claudio@, tb@
tb [Thu, 4 Jan 2024 17:38:36 +0000 (17:38 +0000)]
Remove unused app_data from EVP_CIPHER
The EVP_CIPHER structs are static const data that the library returns when
you call EVP_aes_128_cbc(), for example. It makes no sense whatsoever to
hang user data off such a struct, but it's been there since forever.
ok jsing
tb [Thu, 4 Jan 2024 17:22:29 +0000 (17:22 +0000)]
Clean up EVP_PKEY_asn1_get0_info() a bit
Use better variable names without silly p prefix and use explicit checks
against NULL.
tb [Thu, 4 Jan 2024 17:17:40 +0000 (17:17 +0000)]
Clean up EVP_PKEY_asn1_find_str()
Use slightly better argument and variable names, do not pointlessly try
to match a string of negative length < -1, use a size_t for the strlen()
and preserve the logic that allows lookup by a string fragment rather
than a full string.
ok jsing
tb [Thu, 4 Jan 2024 17:08:57 +0000 (17:08 +0000)]
Simplify EVP_PKEY_asn1_find()
EVP_PKEY_asn1_find() finds the EVP_PKEY_ASN1_METHOD underlying the method
or alias with nid (or, rather, pkey_id) passed in. Now that we have the
base method stored in a pointer, we can return that method after a simple
lookup of said nid (or, rather, pkey_id).
ok jsing
tb [Thu, 4 Jan 2024 17:01:26 +0000 (17:01 +0000)]
Replace .pkey_base_id with a .base_method pointer
Every EVP_PKEY_ASN1_METHOD is either an ASN.1 method or an alias.
As such it resolves to an underlying ASN.1 method (in one step).
This information can be stored in a base_method pointer in allusion
to the pkey_base_id, which is the name for the nid (aka pkey_id aka
type) of the underlying method.
For an ASN.1 method, the base method is itself, so the base method
is set as a pointer to itself. For an alias it is of course a pointer
to the underlying method. Then obviously ameth->pkey_base_id is the
same as ameth->base_method->pkey_id, so rework all ASN.1 methods to
follow that.
ok jsing
tb [Thu, 4 Jan 2024 16:50:53 +0000 (16:50 +0000)]
Neuter the remainder of the ameth lib
The few pieces of the ameth lib that will stay in libcrypto were moved to
p_lib.c recently. The functions that still are in ameth_lib.c will be
removed in the next major bump. With disabled EVP_PKEY_asn1_add{0,_alias}()
API they are completely useless now and they are getting in the way of more
ameth surgery. Rip out their guts and turn them into stubs that do nothing
but push an error onto the stack.
ok jsing
tb [Thu, 4 Jan 2024 16:41:56 +0000 (16:41 +0000)]
Split ameth arrays into individual methods
For some reason DSA, GOST, and RSA had their ASN.1 methods stored in
an array. This is clumsy and the only benefit is that one saves a few
externs in p_lib.c. They were also arranged by ascending NID because
of bsearch() madness.
Split them up and arrange the methods by name, which is much saner
and simpler.
ok jsing
claudio [Thu, 4 Jan 2024 16:38:18 +0000 (16:38 +0000)]
Rewrite the imsg handling using the new API functions.
OK tb@
claudio [Thu, 4 Jan 2024 14:30:09 +0000 (14:30 +0000)]
Convert the RTR PDU parser to use the new ibuf API.
Lenght / overflow checks are now handled by ibufs.
OK tb@
mglocker [Thu, 4 Jan 2024 13:30:20 +0000 (13:30 +0000)]
Fix timeout value for write command (typo).
mglocker [Thu, 4 Jan 2024 12:22:35 +0000 (12:22 +0000)]
Pass SCSI command directly to the UFS command descriptor instead of
decoding/encoding it.
Suggested and OK kettenis@
claudio [Thu, 4 Jan 2024 10:26:14 +0000 (10:26 +0000)]
Rename argument roa of imsg_send_sockets() to rtr since the imsgbuf is
for PROC_RTR.
dtucker [Thu, 4 Jan 2024 09:51:49 +0000 (09:51 +0000)]
Import regenerated moduli.
tb [Thu, 4 Jan 2024 09:47:54 +0000 (09:47 +0000)]
Improve length checks for oiv and iv
There are two unsigned char arrays of size EVP_MAX_IV_LENGTH to store the
IVs of block ciphers. In most modes, only iv is used, but in some modes iv
is modified and oiv is used to store the original IV. At the moment nothing
enforces that they are of the same length. Therefore make sure the correct
one or both are checked before writing to or reading from them.
ok miod
op [Thu, 4 Jan 2024 09:34:03 +0000 (09:34 +0000)]
fix IPv6 addresses table lookups
Rework parse_sockaddr() to not reach inet_pton() with a brace-wrapped
IPv6 address.
Issue reported by Kirill Miazine.
ok millert@
op [Thu, 4 Jan 2024 09:30:09 +0000 (09:30 +0000)]
set_localaddrs(): don't wrap IPv6s address with braces twice
ss_to_text() already wraps ipv6 addresses in braces, so no need to do it
again and no need to do that for IPv4 addresses too.
ok millert@
kevlo [Thu, 4 Jan 2024 08:41:59 +0000 (08:41 +0000)]
Add support for AX88179A. AX88179A interweave dummies alongside valid
packet headers in axen_rxeof().
However current driver records these dummy headers as dropped frames,
leading to stats misreporting one Ifail per Ipkt.
This skips those dummy headers silently, thereby not generating Ifail
for them.
From FreeBSD commit
70fbcd451b68b7f6038d8a602cd8d5e1bb890f1d
Tested by landry@ and myself.
ok claudio@, landry@
jmatthew [Thu, 4 Jan 2024 07:08:47 +0000 (07:08 +0000)]
fix up barriers in bnxt_down() - use barriers for all interrupts and
for the rx refill timeouts.
tested by hrvoje
ok bluhm@
mvs [Thu, 4 Jan 2024 01:32:06 +0000 (01:32 +0000)]
Revert previous. splx(9) can call kvp_get_ip_info() from any place with
netlock held and cause recursive lock acquisition issue.
bluhm [Thu, 4 Jan 2024 00:19:17 +0000 (00:19 +0000)]
Skip tests that use too many resources on armv7.
dv [Wed, 3 Jan 2024 22:34:39 +0000 (22:34 +0000)]
vmd(8): improve error messages when out of tap devices.
The logging and the (lack of) errno don't describe the actual reason
a vm fails to start when there are not enough tap(4) special files
in /dev. Improve the log message to specify the tap file in question
and set ENOENT so vmctl(8) gets something other than an undefined
errno value to report.
ok bluhm@
tobhe [Wed, 3 Jan 2024 21:41:44 +0000 (21:41 +0000)]
Enable Apple brightness keys also for archs other than macppc.
ok kettenis@
claudio [Wed, 3 Jan 2024 16:07:37 +0000 (16:07 +0000)]
Use "established" and "exchange" as RTR state names.
"idle" and "active" are used in the BGP FSM with different meaning which
leads to confusion. When a RTR session is up the state is "established"
apart from the time when a new delta is loaded (between cache response and
end of data PDU) the state is "exchange".
OK tb@
bluhm [Wed, 3 Jan 2024 11:07:04 +0000 (11:07 +0000)]
Run connect(2) in parallel within inet doamin.
This unlocks soconnect() for UDP, rip, rip6 and divert. It takes
shared net lock in combination with per socket lock. TCP and GRE
still use exclusive net lock when connecting.
OK mvs@
kevlo [Wed, 3 Jan 2024 09:19:22 +0000 (09:19 +0000)]
Update website URL.
ok miod@
tb [Wed, 3 Jan 2024 09:13:32 +0000 (09:13 +0000)]
Improve order in ancient CMS helpers
First came EVP_CIPHER_param_to_asn1() which wraps EVP_CIPHER_set_asn1_iv()
which was implemented last. Then came EVP_CIPHER_asn1_to_param() wrapping
EVP_CIPHER_get_asn1_iv(). Move each param function below the iv function
it wraps.
op [Wed, 3 Jan 2024 08:11:15 +0000 (08:11 +0000)]
relax ORCPT syntax validation
We expected the ORCPT parameter to be a valid rfc822 address. This is
wrong on multiple levels:
- any other IANA-registered "addr-type" can be used
- the parameter may be encoded and we didn't decode it prior validation
- RFC3461 explicitly states that "[..] the address associated with the
ORCPT keyword is NOT constrained to conform to the syntax rules for
that 'addr-type'".
Instead, just validate the xtext and preserve the ORCPT value as-is.
Issue originally reported by Tim Kuijsten, Tassilo Philipp and others.
ok millert@
dv [Wed, 3 Jan 2024 03:14:16 +0000 (03:14 +0000)]
vmd(8): remove unused variable from vionet_notify_tx.
num_enq was assigned and incremented, but never used. clang started
pointing out via warnings. No functional change.
millert [Tue, 2 Jan 2024 22:43:20 +0000 (22:43 +0000)]
Update to 2023dgtz from https://github.com/JodaOrg/global-tz
* Ittoqqortoormiit, Greenland changes time zones on 2024-03-31.
* Vostok, Antarctica changed time zones on 2023-12-18.
* Casey, Antarctica changed time zones five times since 2020.
* Data fixes for Palestine timestamps starting in 2072.
tb [Tue, 2 Jan 2024 21:27:39 +0000 (21:27 +0000)]
Move a t to the right place in a comment
tb [Tue, 2 Jan 2024 21:24:42 +0000 (21:24 +0000)]
Match struct order for the EVP_CIPHER_CTX accessors
This isn't great since the struct is ordered in about the silliest way
imaginable, but it is better than it was before. Bringing order into
this mess is harder than solving a Rubik's cube.
tb [Tue, 2 Jan 2024 21:12:25 +0000 (21:12 +0000)]
Move down EVP_CIPHER_CTX accessors expose EVP_CIPHER internals
These confusingly named getters were added "for convenience" in 1.1.
They fit best next to the EVP_CIPHER API.
tb [Tue, 2 Jan 2024 20:48:40 +0000 (20:48 +0000)]
Move the trivial EVP_CIPHER getters down
They are now below the CMS ASN.1 IV stuff, but above the EVP_CIPHER_meth*
API, which are setters, in a way.
tb [Tue, 2 Jan 2024 20:00:45 +0000 (20:00 +0000)]
Simplify EVP_CIPHER_{asn1_to_param,parma_to_asn1}()
There's no need for a ret variable and else if/else
tb [Tue, 2 Jan 2024 19:56:43 +0000 (19:56 +0000)]
Move the EVP_CIPHER API that only exists for CMS/legacy a bit down
tb [Tue, 2 Jan 2024 19:54:43 +0000 (19:54 +0000)]
sm4: more NULL misspellings
tb [Tue, 2 Jan 2024 18:48:02 +0000 (18:48 +0000)]
Two spellings of key length are enough
The API is called EVP_CIPHER_CTX_set_key_length() it has an argument called
keylen and, the EVP_CIPHER_CTX's member is called key_len. One of the three
is trivial to adjust, so do it.
tb [Tue, 2 Jan 2024 18:30:27 +0000 (18:30 +0000)]
Rename the poor outlier EVP_CIPHER *e into *cipher
tb [Tue, 2 Jan 2024 18:28:35 +0000 (18:28 +0000)]
Better variable names in EVP_CIPHER_type()
The EVP_CIPHER *ctx (yes) is renamed to cipher, otmp becomes an aobj.
Change two !ptr to ptr == NULL checks.
tb [Tue, 2 Jan 2024 18:21:02 +0000 (18:21 +0000)]
Consistently use ctx for an EVP_CIPHER_CTX
Not c (which is most of the time an EVP_CIPHER) or a (?!).
stsp [Tue, 2 Jan 2024 17:39:08 +0000 (17:39 +0000)]
set attached flag properly when fw fails to load during config_mountroot()
bluhm [Tue, 2 Jan 2024 16:40:03 +0000 (16:40 +0000)]
Revert chunk that I have commited by accident.
bluhm [Tue, 2 Jan 2024 16:32:47 +0000 (16:32 +0000)]
Prevent simultaneous dt(4) open.
Syskaller has hit the assertion "dtlookup(unit) == NULL" by opening
dt(4) device in two parallel threads. Convert kassert into if
condition. Move check that device is not used after sleep points
in malloc. The list dtdev_list is protected by kernel lock which
is released during sleep.
Reported-by: syzbot+6d66c21f796c817948f0@syzkaller.appspotmail.com
OK miod@
bluhm [Tue, 2 Jan 2024 15:06:48 +0000 (15:06 +0000)]
Run bind(2) and connect(2) in parallel also for TCP and Raw IP.
Before only UDP was tested.
espie [Tue, 2 Jan 2024 10:25:48 +0000 (10:25 +0000)]
have quirks behave way more like other packages so it can have dependencies
jsg [Tue, 2 Jan 2024 00:03:06 +0000 (00:03 +0000)]
Revert "drm/amd/display: Do not set DRR on pipe commit"
From Aric Cyr
b09a67617621f41e12ad9ec771ff320fc8b88a94 in linux-6.1.y/6.1.70
36951fc9460fce96bafd131ceb0f343cae6d3cb9 in mainline linux
jsg [Mon, 1 Jan 2024 23:59:47 +0000 (23:59 +0000)]
drm/i915: Reject async flips with bigjoiner
From Ville Syrjala
7d09c84df5ab9e18464a2f048e393a7860a043e9 in linux-6.1.y/6.1.70
88a173e5dd05e788068e8fa20a8c37c44bd8f416 in mainline linux
jsg [Mon, 1 Jan 2024 23:58:00 +0000 (23:58 +0000)]
drm/i915: Fix ADL+ tiled plane stride when the POT stride is smaller than the original
From Ville Syrjala
900c1b3c62f920a50352f5dff6995bca5836b0c7 in linux-6.1.y/6.1.70
324b70e997aab0a7deab8cb90711faccda4e98c8 in mainline linux
jsg [Mon, 1 Jan 2024 23:55:41 +0000 (23:55 +0000)]
drm/i915/mtl: Add MTL for remapping CCS FBs
From Clint Taylor
de4349bdf9f3ba46d0e5e298924432957328ddfd in linux-6.1.y/6.1.70
0da6bfe857ea9399498876cbe6ef428637b6e475 in mainline linux
jsg [Mon, 1 Jan 2024 23:53:46 +0000 (23:53 +0000)]
drm/i915/dpt: Only do the POT stride remap when using DPT
From Ville Syrjala
52c1a67dd3039ba254484cb7740d9079663a80bd in linux-6.1.y/6.1.70
ef5cb493a9acd7d97870d6e542020980ae3f3483 in mainline linux
jsg [Mon, 1 Jan 2024 23:50:42 +0000 (23:50 +0000)]
drm/i915: Fix intel_atomic_setup_scalers() plane_state handling
From Ville Syrjala
7afe8109456d94d6cc9374da869b2d64852b8535 in linux-6.1.y/6.1.70
c3070f080f9ba18dea92eaa21730f7ab85b5c8f4 in mainline linux
jsg [Mon, 1 Jan 2024 23:48:31 +0000 (23:48 +0000)]
drm/i915: Relocate intel_atomic_setup_scalers()
From Ville Syrjala
b097184f80269f384e9f5556e6b3592441e955f4 in linux-6.1.y/6.1.70
8976b18249407df8bf6ea18ecae0640a15341a50 in mainline linux
jsg [Mon, 1 Jan 2024 23:47:01 +0000 (23:47 +0000)]
drm/i915/mtl: limit second scaler vertical scaling in ver >= 14
From Luca Coelho
99767368b7fad6bee30ca89ef96877d86e3181a1 in linux-6.1.y/6.1.70
8d4312e2b228ba7a5ac79154458098274ec61e9b in mainline linux
jsg [Mon, 1 Jan 2024 23:45:08 +0000 (23:45 +0000)]
drm/amd/display: fix hw rotated modes when PSR-SU is enabled
From Hamza Mahfooz
913463f8e6cd8b0567c44d7eef350b9592a369dd in linux-6.1.y/6.1.70
f528ee145bd0076cd0ed7e7b2d435893e6329e98 in mainline linux
bluhm [Mon, 1 Jan 2024 22:16:51 +0000 (22:16 +0000)]
Protect link between pf and inp with mutex.
Introduce global mutex to protect the pointers between pf state key
and internet PCB. Then in_pcbdisconnect() and in_pcbdetach() do
not need exclusive netlock anymore. Use a bunch of read once
unlocked access to reduce performance impact.
OK sashan@
bluhm [Mon, 1 Jan 2024 18:52:09 +0000 (18:52 +0000)]
Reduce code duplication in ip6 divert.
Protocols like UDP or TCP keep only functions in netinet6 that are
essentially different. Remove divert6_detach(), divert6_lock(),
divert6_unlock(), divert6_bind(), and divert6_shutdown(). Replace
them with identical IPv4 functions. INP_HDRINCL is an IPv4 only
option, remove it from divert6_attach().
OK mvs@ sashan@ kn@
mvs [Mon, 1 Jan 2024 18:47:02 +0000 (18:47 +0000)]
Call if_counters_alloc() before if_attach().
ok bluhm sashan
tb [Mon, 1 Jan 2024 18:33:04 +0000 (18:33 +0000)]
Fix bounds check in EVP_PKEY_CTX_get_keygen_info()
Replace > with >= for the upper array bound to disallow a 4 byte
overread. For RSA you can read the padding mode and for DH past
the DH_PKEY_CTX. Unfortunately, Ruby thought it important to use
this, so we can't kill it easily.
ok miod
kettenis [Mon, 1 Jan 2024 18:25:50 +0000 (18:25 +0000)]
Move fdt attachment into sys/conf/files.conf instead of duplicating it on
an MD basis.
ok patrick@
bluhm [Mon, 1 Jan 2024 17:00:57 +0000 (17:00 +0000)]
Fix white space in pf.c.
tb [Mon, 1 Jan 2024 16:01:48 +0000 (16:01 +0000)]
kill gross whitespace
tb [Mon, 1 Jan 2024 15:43:02 +0000 (15:43 +0000)]
pkey_is_pss() and pkey_ctx_is_pss() to rsa_ameth.c
These aren't particularly helpful and should probably both be expanded.
For now move them to the only place where they are actually used.
tb [Mon, 1 Jan 2024 15:23:00 +0000 (15:23 +0000)]
Remove EVP_PKEY's save_type member
This was only used to avoid an ameth lookup in EVP_PKEY_set_type(), a
micro-optimization that was removed in p_lib.c r1.48.
ok jsing
semarie [Mon, 1 Jan 2024 14:16:59 +0000 (14:16 +0000)]
update devel/cargo and lang/rust ports-module documentation
with help and ok tb@
kevlo [Mon, 1 Jan 2024 13:04:35 +0000 (13:04 +0000)]
Add Quectel RM500Q to umb man page.
ok mglocker@
jsg [Mon, 1 Jan 2024 07:00:18 +0000 (07:00 +0000)]
copyright++;
bluhm [Sun, 31 Dec 2023 16:05:50 +0000 (16:05 +0000)]
Increase datasize to 1536 MB for running llvm-tblgen on i386.
Fixes build in src/gnu/usr.bin/clang/include/llvm/AMDGPU.
OK semarie@
mglocker [Sun, 31 Dec 2023 08:42:33 +0000 (08:42 +0000)]
Add TCP Segmentation Offload (TSO) support for em(4). Following chip-sets
are currently known to support TSO; 82575, 82576, 82580, I350, and I210.
Suggested by claudio@. Feedback and testing from many on tech@.
OK bluhm@
tb [Sun, 31 Dec 2023 07:19:13 +0000 (07:19 +0000)]
KNF nit
tb [Sun, 31 Dec 2023 07:14:42 +0000 (07:14 +0000)]
Sort the NIDs by name
requested by jsing
tb [Sun, 31 Dec 2023 07:10:50 +0000 (07:10 +0000)]
Replace the sorted extensions lookup with a switch
If all you have is OBJ_bsearch_(), everything looks like a nail. This
changes a binary search over a list of 12 elements with a lookup via
a switch.
switch suggested by claudio
ok jsing
tb [Sun, 31 Dec 2023 01:31:07 +0000 (01:31 +0000)]
Sprinkle a handfull of missing continue
tb [Sat, 30 Dec 2023 18:26:13 +0000 (18:26 +0000)]
Make x509_issuer_cache_free_oldest() static
This is an internal function and you can't hold the required mutex
to call it anyway since that's internal, too.
tb [Sat, 30 Dec 2023 18:24:09 +0000 (18:24 +0000)]
Some Australians don't like voids either
tb [Sat, 30 Dec 2023 18:22:52 +0000 (18:22 +0000)]
One more missing void was hiding here
tb [Sat, 30 Dec 2023 18:06:59 +0000 (18:06 +0000)]
Some BoringSSL devs spent too much time with C++
bluhm [Sat, 30 Dec 2023 17:52:27 +0000 (17:52 +0000)]
Set ixl(4) IXL_TX_PKT_DESCS to 8.
Mark Patruck has reported problems with ixl revision 1.90 TSO diff.
He uses ixl device passthrough from Linux via KVM to OpenBSD guest.
After a few hours of operation, interface locks up with oactive.
The problem also occures with TSO disabled, after the TSO diff had
been commited. deraadt@ has seen similar problems with ixl interface
on sparc64.
Changing IXL_TX_PKT_DESCS back to the original value 8 fixes the
lockup and even TSO on the hardware still works. FreeBSD and NetBSD
also use this value. The 32 was copied from ix(4) TSO diff and is
not necessary for ixl(4).
debugged with jan@; lot of bisecting and testing by Mark Patruck
OK mglocker@ patrick@
stsp [Sat, 30 Dec 2023 16:55:44 +0000 (16:55 +0000)]
Fix iwx(4) device info table entries for So+Hr devices.
Some non-160MHz So+Hr devices were misdetected, causing iwx(4) to select
the wrong firmware image for them.
Patch by Miguel Landaeta
kettenis [Sat, 30 Dec 2023 13:13:11 +0000 (13:13 +0000)]
Improve the RTKit code. This update brings us crashlog and syslog parsing
support as well as bug fixes that are needed to bring up the DCP.
ok patrick@
bluhm [Sat, 30 Dec 2023 12:44:43 +0000 (12:44 +0000)]
Protect em(4) refill timeout with splnet.
From time to time "pkt->pkt_m == NULL" or "m != NULL" assertions
were hit in the em driver. Stack trace shows that em refill timeout
was interrupted by em interrupt. Doing em_rxfill() and em_rxeof()
simultaneously cannot be correct. Protect softclock in em_rxrefill()
with splnet().
OK mglocker@
tb [Sat, 30 Dec 2023 08:58:18 +0000 (08:58 +0000)]
Add extended regress coverage for ASN.1 methods
Validate that every alias resolves to a non-alias in one step and that
non-aliases have pkey_id == pkey_base_id, an info string and a pem_str.
They can be looked up by their pkey_id or pem_str.
Conversely, all these are false for aliases.
tb [Sat, 30 Dec 2023 06:25:56 +0000 (06:25 +0000)]
Fix two more unchecked EVP_PKEY_assign() calls
In SSL{_CTX}_use_RSAPrivateKey() switch from EVP_PKEY_assign_RSA() to
EVP_PKEY_set1_RSA() and hold on to the reference of the the pkey for
the duration of ssl_set_pkey(). Use single exit and other minor style
cleanups.
ok joshua jsing
tb [Fri, 29 Dec 2023 22:37:47 +0000 (22:37 +0000)]
fix previous: key -> parameter
tb [Fri, 29 Dec 2023 19:19:48 +0000 (19:19 +0000)]
A .Xr to DSA_generate_parameters_ex() was lost accidentally
tb [Fri, 29 Dec 2023 19:15:52 +0000 (19:15 +0000)]
sync
tb [Fri, 29 Dec 2023 19:15:15 +0000 (19:15 +0000)]
Move DSA_generate_parameters.3 to DSA_generate_parameters_ex.3
tb [Fri, 29 Dec 2023 19:12:46 +0000 (19:12 +0000)]
Adjust documentation for upcoming DSA_generate_parameters removal
This removes any mention of DSA_generate_parameters in the manuals apart
from a comment that it is intentionally undocumented and adapts cross
references to DSA_generate_parameters_ex. The file itself will be moved
in a second step.
tb [Fri, 29 Dec 2023 19:00:31 +0000 (19:00 +0000)]
ameth_lib: zap trailing empty line
tb [Fri, 29 Dec 2023 18:52:11 +0000 (18:52 +0000)]
bump version
tb [Fri, 29 Dec 2023 18:49:06 +0000 (18:49 +0000)]
eckey: adjust some variable names and unwrap function definitions
ok jsing
tb [Fri, 29 Dec 2023 18:48:25 +0000 (18:48 +0000)]
Clean up old_ec_priv_decode()
As per usual. Stylistic adjustments and missing error check.
ok jsing
tb [Fri, 29 Dec 2023 18:47:47 +0000 (18:47 +0000)]
Clean up eckey_param_decode()
This aligns eckey's parameter decoding routine with the one of other
cipher abstractions: better variable names, single exit and add missing
check for EVP_PKEY_assign_EC_KEY().
ok jsing
tb [Fri, 29 Dec 2023 18:46:24 +0000 (18:46 +0000)]
Rework eckey_priv_decode()
Factor out the pubkey computation and bring it into more sensible form.
This removes lots of pointless setting of errors (twice) and makes the
code a bit easier on the eyes. Other than that perform some stylistic
cleanup like single exit and add an error check for EVP_PKEY_assign().
ok jsing
tb [Fri, 29 Dec 2023 18:45:39 +0000 (18:45 +0000)]
Move a call to X509_ALGOR_get0() down a line
tb [Fri, 29 Dec 2023 17:15:10 +0000 (17:15 +0000)]
Pass correct file to warnx()
We end up here only if mft1 == NULL, which can happen because file1 == NULL.
Use file2 instead because mft2 != NULL implies file2 != NULL.
ok job
claudio [Fri, 29 Dec 2023 16:02:29 +0000 (16:02 +0000)]
There is no need to include sys/uio.h here.
job [Fri, 29 Dec 2023 14:35:43 +0000 (14:35 +0000)]
Fix a NULL access or use-after-free bug
This is a bandaid, the proc_parser_mft() is too complex and needs reworking
OK tb@
jca [Fri, 29 Dec 2023 13:23:27 +0000 (13:23 +0000)]
Use a per cpu pool cache for pmap_pv_pool
Improves performance on my 8 cores box. ok cheloha@ kettenis@