CVS: cvs.openbsd.org: src

2023-05-16 Thread Joel Sing 
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2023/05/17 00:37:14

Modified files:
lib/libcrypto  : crypto_internal.h 
lib/libcrypto/sha: sha512.c 

Log message:
Clean up alignment handling for SHA-512.

All assembly implementations are required to perform their own alignment
handling. In the case of the C implementation, on strict alignment
platforms, unaligned data will be copied into an aligned buffer. However,
most platforms then perform byte-by-byte reads (via the PULL64 macros).

Instead, remove SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA and alignment
handling to sha512_block_data_order() - if the data is aligned then simply
perform 64 bit loads and then do endian conversion via be64toh(). If the
data is unaligned then use memcpy() and be64toh() (in the form of
crypto_load_be64toh()). Overall this reduces complexity and can improve
performance (on aarch64 we get a ~10% performance gain with aligned input
and about ~1-2% gain on armv7), while the same movq/bswapq is generated
for amd64 and movl/bswapl for i386.

ok tb@

CVS: cvs.openbsd.org: src

2023-05-16 Thread Damien Miller 
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2023/05/16 23:52:01

Modified files:
regress/usr.bin/ssh: Makefile 

Log message:
add LTESTS_FROM variable to allow skipping of tests up to a specific
point. e.g. "make LTESTS_FROM=t-sftp" will only run the sftp.sh test
and subsequent ones. ok dtucker@

CVS: cvs.openbsd.org: src

2023-05-16 Thread Philip Guenther 
CVSROOT:/cvs
Module name:src
Changes by: guent...@cvs.openbsd.org2023/05/16 19:57:15

Modified files:
gnu/usr.bin/binutils-2.17/opcodes: i386-dis.c 

Log message:
Add support for disassembling CET (including endbr64), XSS, OSPKE,
clflushopt, clwb, ptwrite, rdpid, serialize, WAITPKG, and vmfunc
extensions, as well as part of TSX.  tpause and umonitor addr size
handling isn't 100% correct, but good enough to get the instruction
boundary.

Correct decoding of rex64 {fxsave,fxrstor,xsave,xrstor,xsaveopt}
to instead use a '64' suffix, ala "fxsave64".

"good enough" ok kettenis@ deraadt@ mlarkin@

CVS: cvs.openbsd.org: src

2023-05-16 Thread Todd C . Miller 
CVSROOT:/cvs
Module name:src
Changes by: mill...@cvs.openbsd.org 2023/05/16 15:28:46

Modified files:
usr.sbin/user  : user.c 

Log message:
useradd: use "cp" instead of "pax" to copy dot files
There are some minor semantic differences but nothing that should
affect files in /etc/skel.  OK op@

CVS: cvs.openbsd.org: src

2023-05-16 Thread Jason McIntyre 
CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2023/05/16 15:13:19

Modified files:
lib/libc/sys   : sysctl.2 

Log message:
add net.inet.tcp.tso;
ok jan bluhm

CVS: cvs.openbsd.org: src

2023-05-16 Thread Vitaliy Makkoveev 
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2023/05/16 14:09:27

Modified files:
sys/kern   : uipc_mbuf.c 

Log message:
Always set maximum queue length to passed in the IFQCTL_MAXLEN case.
This is not the fast path, so dropping mq->mq_maxlen check doesn't
introduce any performance impact, but makes code MP consistent.

Discussed with and ok from bluhm@

CVS: cvs.openbsd.org: src

2023-05-16 Thread Vitaliy Makkoveev 
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2023/05/16 13:44:55

Modified files:
sys/sys: protosw.h 

Log message:
Replace tab by space after #define in PR_* definitions.

ok bluhm@

CVS: cvs.openbsd.org: src

2023-05-16 Thread Vitaliy Makkoveev 
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2023/05/16 13:36:00

Modified files:
sys/kern   : uipc_domain.c 
sys/netinet: in_proto.c ip_input.c 
sys/sys: protosw.h 

Log message:
Introduce temporary PR_MPSYSCTL flag to mark (*pr_sysctl)() handler MP
safe. We have may of them, so use flag instead of pushing kernel lock
within.

Unlock ip_sysctl(). Still take kernel lock within IPCTL_MRTSTATS case.
It looks like `mrtstat' protection is inconsistent, so keep locking as
it was. Since `mrtstat' are counters, it make sense to rework them into
per CPU counters with separate diffs.

Feedback and ok from bluhm@

CVS: cvs.openbsd.org: src

2023-05-16 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2023/05/16 12:41:18

Modified files:
regress/lib/libcrypto/ecdh: ecdhtest.c 

Log message:
ecdhtest: check malloc() return values

>From Ilya Chipitsine

CVS: cvs.openbsd.org: src

2023-05-16 Thread Omar Polo 
CVSROOT:/cvs
Module name:src
Changes by: o...@cvs.openbsd.org2023/05/16 11:48:52

Modified files:
usr.sbin/smtpd : mta.c smtp.c smtpc.c 

Log message:
some fatal -> fatalx to improved logging

errno doesn't generally contains anything useful after libtls functions,
and in most cases it's explicitly cleared to avoid misuse, so change a
few fatal() calls to fatalx() when logging libtls failures.  Also, add
the real error string, via tls_error() or tls_config_error(), that was
missing before.

ok millert@

CVS: cvs.openbsd.org: src

2023-05-16 Thread Claudio Jeker 
CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2023/05/16 11:01:31

Modified files:
usr.sbin/rpki-client: repo.c 

Log message:
RRDP snapshots should encode publish elements only once. If encountered
fail the transfer and fall back to rsync.

When more than one publish element for the same file exist the RP does
not know which one to choose. Lets fail the RRDP transfer in this case
and fall back to rsync. CA that publish a file more than once are buggy
and need to be fixed.
OK job@ tb@

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 10:55:32

Modified files:
usr.sbin/pkg_add/OpenBSD: ArcCheck.pm Ustar.pm 

Log message:
explicitly rename internal methods with an _

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 10:45:04

Modified files:
usr.sbin/pkg_add/OpenBSD: ArcCheck.pm Ustar.pm 

Log message:
clean visible interface a bit: Ustar does not use errsay (but ArcCheck does)
and having a forwarder for system for ONE use is a bit much !

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 08:33:04

Modified files:
usr.sbin/pkg_add/OpenBSD: ArcCheck.pm 

Log message:
cleaner documentation of what's going on

CVS: cvs.openbsd.org: src

2023-05-16 Thread Jan Klemkow 
CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2023/05/16 08:32:54

Modified files:
sbin/ifconfig  : ifconfig.8 ifconfig.c 
sys/dev/pci: if_ix.c 
sys/net: if.c if.h if_aggr.c if_bridge.c if_tpmr.c 
 if_veb.c if_vlan.c 
sys/netinet: ip_carp.c 

Log message:
Use separate IFCAPs for LRO and TSO.

This diff introduces separate capabilities for TCP offloading.  We split this
into LRO (large receive offloading) and TSO (TCP segmentation offloading).
LRO can be turned on/off via tcprecvoffload option of ifconfig and is not
inherited to sub interfaces.

TSO is inherited by sub interfaces to signal this hardware offloading capability
to the network stack.

With tweaks from bluhm, claudio and dlg

ok bluhm, claudio

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 08:31:54

Modified files:
usr.sbin/pkg_add/OpenBSD: IdCache.pm 

Log message:
start un-exposing some internal methods

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 08:31:26

Modified files:
usr.sbin/pkg_add/OpenBSD: OldLibs.pm PackingList.pm 

Log message:
ditch subclasses for PackingList: I ended up never using this anywhere

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 08:30:55

Modified files:
usr.sbin/pkg_add/OpenBSD: PkgCreate.pm 

Log message:
use the new set_destdir interface

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 08:30:12

Modified files:
usr.sbin/pkg_add/OpenBSD: Ustar.pm 

Log message:
avoid the "indirect object" call, as it won't work with v5.36
document a few useful details
introduce a less confusing set_destdir inteface for later

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 08:29:20

Modified files:
usr.sbin/pkg_add/OpenBSD: md5.pm 

Log message:
explain why there is a hierarchy with one single subclass, because
we never know when we may need to change crypto-hashes!

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 08:28:39

Modified files:
usr.sbin/pkg_add/OpenBSD: PackingElement.pm 

Log message:
document a few small details, some of them non-obvious like
the inheritance hierarchy or the exact interface for ->add

CVS: cvs.openbsd.org: src

2023-05-16 Thread joshua stein 
CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2023/05/16 08:10:43

Modified files:
lib/libssl : s3_lib.c 

Log message:
add missing pointer invalidation

ok tb

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 08:04:16

Modified files:
usr.sbin/pkg_add/OpenBSD: Mtree.pod 

Log message:
document extra parameter that's used by pkg_check

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 05:53:01

Modified files:
usr.sbin/pkg_add/OpenBSD: md5.pod 

Log message:
typo

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 05:20:00

Modified files:
usr.sbin/pkg_add/OpenBSD: IdCache.pod 

Log message:
the old "indirect method call" was deprecated recently (apart from
mimicing perl base syntax on fh objects and the likes), so use the
more consistent class->method calling method in examples (and in code)

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 04:52:58

Modified files:
usr.sbin/pkg_add/OpenBSD: Ustar.pod 

Log message:
State -> BaseState, for lightweight requirements

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 04:51:36

Modified files:
usr.sbin/pkg_add/OpenBSD: Ustar.pod 

Log message:
reflect reality better: document set_description and friends

CVS: cvs.openbsd.org: src

2023-05-16 Thread Marc Espie 
CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2023/05/16 03:02:50

Modified files:
usr.sbin/acme-client: acme-client.1 

Log message:
since apparently, the "example" conf is not free-form (adding comments
would break scripts, go figure), highlight the staging servers so that
people with non-standard configurations (challenge/response) get a chance
at figuring things out.

okay tb@

CVS: cvs.openbsd.org: www

2023-05-16 Thread Darren Tucker 
CVSROOT:/cvs
Module name:www
Changes by: dtuc...@cvs.openbsd.org 2023/05/16 02:01:18

Modified files:
openssh: security.html 

Log message:
The ssh-add smartcard bug is fixed in 9.3 and not 9.2.

CVS: cvs.openbsd.org: src

2023-05-16 Thread Joel Sing 
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2023/05/16 01:04:57

Modified files:
lib/libcrypto/sha: sha512.c 

Log message:
Clean up SHA-512 input handling and round macros.

Avoid reach around and initialisation outside of the macro, cleaning up
the call sites to remove the initialisation. Use a T2 variable to more
closely follow the documented algorithm and remove the gorgeous compound
statement X = Y += A + B + C.

There is no change to the clang generated assembly on aarch64.

ok tb@