[PATCH] [src] - etc/root/root.mail - correct time zone
Hi all, Time zone change. Regards, Raf Index: etc/root/root.mail === RCS file: /cvs/src/etc/root/root.mail,v retrieving revision 1.137 diff -u -p -r1.137 root.mail --- etc/root/root.mail 5 Apr 2020 16:15:39 - 1.137 +++ etc/root/root.mail 6 Apr 2020 02:36:53 - @@ -1,6 +1,6 @@ -From dera...@do-not-reply.openbsd.org Fri May 1 06:30:00 MST 2020 +From dera...@do-not-reply.openbsd.org Fri May 1 06:30:00 MDT 2020 Return-Path: root -Date: May 1 06:30:00 MST 2020 +Date: May 1 06:30:00 MDT 2020 From: dera...@do-not-reply.openbsd.org (Theo de Raadt) To: root Subject: Welcome to OpenBSD 6.7!
Re: EV_SET(2) shadows variable
On Sat, 4 Apr 2020, Theo de Raadt wrote: > Philip Guenther wrote: > > > On Fri, 3 Apr 2020, Martin Pieuchot wrote: > > > Thanks, here it is, ok? > > > > ok guenther@ > > Should we do the same to all other macros, just in case? Checking /usr/include/{,sys/}*.h, the diff below fixes the only ones I found to be potential problems /usr/include/net* and some others have not-completely-safe macros, like IP6_EXTHDR_GET() Index: include/bitstring.h === RCS file: /data/src/openbsd/src/include/bitstring.h,v retrieving revision 1.5 diff -u -p -r1.5 bitstring.h --- include/bitstring.h 2 Jun 2003 19:34:12 - 1.5 +++ include/bitstring.h 6 Apr 2020 00:37:52 - @@ -83,46 +83,46 @@ typedef unsigned char bitstr_t; /* clear bits start ... stop in bitstring */ #definebit_nclear(name, start, stop) do { \ - register bitstr_t *_name = name; \ - register int _start = start, _stop = stop; \ - while (_start <= _stop) { \ - bit_clear(_name, _start); \ - _start++; \ + register bitstr_t *__name = (name); \ + register int ___start = (start), __stop = (stop); \ + while (__start <= __stop) { \ + bit_clear(__name, __start); \ + __start++; \ } \ } while(0) /* set bits start ... stop in bitstring */ #definebit_nset(name, start, stop) do { \ - register bitstr_t *_name = name; \ - register int _start = start, _stop = stop; \ - while (_start <= _stop) { \ - bit_set(_name, _start); \ - _start++; \ + register bitstr_t *__name = (name); \ + register int __start = (start), __stop = (stop); \ + while (__start <= __stop) { \ + bit_set(__name, __start); \ + __start++; \ } \ } while(0) /* find first bit clear in name */ #definebit_ffc(name, nbits, value) do { \ - register bitstr_t *_name = name; \ - register int _bit, _nbits = nbits, _value = -1; \ - for (_bit = 0; _bit < _nbits; ++_bit) \ - if (!bit_test(_name, _bit)) { \ - _value = _bit; \ + register bitstr_t *__name = (name); \ + register int __bit, __nbits = (nbits), __value = -1; \ + for (__bit = 0; __bit < __nbits; ++__bit) \ + if (!bit_test(__name, __bit)) { \ + __value = __bit; \ break; \ } \ - *(value) = _value; \ + *(value) = __value; \ } while(0) /* find first bit set in name */ #definebit_ffs(name, nbits, value) do { \ - register bitstr_t *_name = name; \ - register int _bit, _nbits = nbits, _value = -1; \ - for (_bit = 0; _bit < _nbits; ++_bit) \ - if (bit_test(_name, _bit)) { \ - _value = _bit; \ + register bitstr_t *__name = (name); \ + register int __bit, __nbits = (nbits), __value = -1; \ + for (__bit = 0; __bit < __nbits; ++__bit) \ + if (bit_test(__name, __bit)) { \ + __value = __bit; \ break; \ } \ - *(value) = _value; \ + *(value) = __value; \ } while(0) #endif /* !_BITSTRING_H_ */ Index: sys/sys/disklabel.h === RCS file: /data/src/openbsd/src/sys/sys/disklabel.h,v retrieving revision 1.75 diff -u -p -r1.75 disklabel.h --- sys/sys/disklabel.h 24 Oct 2017 09:36:13 - 1.75 +++ sys/sys/disklabel.h 6 Apr 2020 00:52:08 - @@ -156,37 +156,37 @@ struct__partitionv0 { /* old (v0) part #define DL_GETPSIZE(p) (((u_int64_t)(p)->p_sizeh << 32) + (p)->p_size) #define DL_SETPSIZE(p, n) do { \ - u_int64_t x = (n); \ - (p)->p_sizeh = x >> 32; \ - (p)->p_size = x; \ + u_int64_t __x = (n); \ + (p)->p_sizeh = __x >> 32; \ + (p)->p_size = __x; \ } while (0) #define DL_GETPOFFSET(p) (((u_int64_t)(p)->p_offseth << 32) + (p)->p_offset) #define DL_SETPOFFSET(p, n)do { \ - u_int64_t x = (n); \ - (p)->p_offseth = x >> 32; \ - (p)->p_offset = x; \ + u_int64_t __x = (n); \ + (p)->p_offseth = __x >> 32; \ + (p)->p_offset = __x; \ } while (0) #define DL_GETDSIZE(d)
Re: split futex into three
On Sun, 5 Apr 2020, Stuart Henderson wrote: > On 2020/04/05 10:28, Martin Pieuchot wrote: > > Another way to proceed would be to do a port grep for futex and see what > > the ecosystem is using. > > Sorry it's not filtered, but : > > https://junkpile.org/grep.futex.gz Sure looks like the only occurence of futex() used with FUTEX_REQUEUE (== 3) is the linux kernel test program. Everything else, including rust, is using FUTEX_CMP_REQUEUE or one of the PI operations (FUTEX_WAIT_REQUEUE_PI, FUTEX_CMP_REQUEUE_PI). Philip
Re: sparc64 clang fixes
> Date: Sat, 4 Apr 2020 23:46:05 +0200 (CEST) > From: Mark Kettenis > > So regress/lib/libm/msun/run-conj_test fails because clang emits > fmovqne instructions. Those instructions aren't actually implemented > and since we don't emulate them in our kernel the test gets killed > with SIGILL. > > The compiler isn't suppose to emit the instructions unless they are > explicitly enabled. The instruction tables contain a few mistakes. > In particular if predicates are set for a block of instruction > patterns the Requires<[HasHardQuad]> doesn't seem to do anything. > > ok? That diff didn't actually work. Seems we need to provide some additional magic such that clang knows to use a conditional branch instead to replace the conditional move. ok? Index: gnu/llvm/lib/Target/Sparc/SparcISelLowering.cpp === RCS file: /cvs/src/gnu/llvm/lib/Target/Sparc/SparcISelLowering.cpp,v retrieving revision 1.4 diff -u -p -r1.4 SparcISelLowering.cpp --- gnu/llvm/lib/Target/Sparc/SparcISelLowering.cpp 23 Jun 2019 22:05:14 - 1.4 +++ gnu/llvm/lib/Target/Sparc/SparcISelLowering.cpp 5 Apr 2020 20:48:22 - @@ -3103,6 +3103,11 @@ SparcTargetLowering::EmitInstrWithCustom case SP::SELECT_CC_DFP_ICC: case SP::SELECT_CC_QFP_ICC: return expandSelectCC(MI, BB, SP::BCOND); + case SP::SELECT_CC_Int_XCC: + case SP::SELECT_CC_FP_XCC: + case SP::SELECT_CC_DFP_XCC: + case SP::SELECT_CC_QFP_XCC: +return expandSelectCC(MI, BB, SP::BPXCC); case SP::SELECT_CC_Int_FCC: case SP::SELECT_CC_FP_FCC: case SP::SELECT_CC_DFP_FCC: Index: gnu/llvm/lib/Target/Sparc/SparcInstr64Bit.td === RCS file: /cvs/src/gnu/llvm/lib/Target/Sparc/SparcInstr64Bit.td,v retrieving revision 1.1.1.3 diff -u -p -r1.1.1.3 SparcInstr64Bit.td --- gnu/llvm/lib/Target/Sparc/SparcInstr64Bit.td23 Jun 2019 21:36:36 - 1.1.1.3 +++ gnu/llvm/lib/Target/Sparc/SparcInstr64Bit.td5 Apr 2020 20:48:22 - @@ -337,6 +337,7 @@ def FMOVD_XCC : F4_3<0b110101, 0b10, "fmovd$cond %xcc, $rs2, $rd", [(set f64:$rd, (SPselectxcc f64:$rs2, f64:$f, imm:$cond))]>; +let Predicates = [Is64Bit, HasHardQuad] in def FMOVQ_XCC : F4_3<0b110101, 0b11, (outs QFPRegs:$rd), (ins QFPRegs:$rs2, QFPRegs:$f, CCOp:$cond), "fmovq$cond %xcc, $rs2, $rd", @@ -437,11 +438,11 @@ def FXTOD : F3_3u<2, 0b110100, 0b0100010 (outs DFPRegs:$rd), (ins DFPRegs:$rs2), "fxtod $rs2, $rd", [(set DFPRegs:$rd, (SPxtof DFPRegs:$rs2))]>; +let Predicates = [Is64Bit, HasHardQuad] in def FXTOQ : F3_3u<2, 0b110100, 0b010001100, (outs QFPRegs:$rd), (ins DFPRegs:$rs2), "fxtoq $rs2, $rd", - [(set QFPRegs:$rd, (SPxtof DFPRegs:$rs2))]>, - Requires<[HasHardQuad]>; + [(set QFPRegs:$rd, (SPxtof DFPRegs:$rs2))]>; def FSTOX : F3_3u<2, 0b110100, 0b01001, (outs DFPRegs:$rd), (ins FPRegs:$rs2), @@ -451,11 +452,11 @@ def FDTOX : F3_3u<2, 0b110100, 0b010 (outs DFPRegs:$rd), (ins DFPRegs:$rs2), "fdtox $rs2, $rd", [(set DFPRegs:$rd, (SPftox DFPRegs:$rs2))]>; +let Predicates = [Is64Bit, HasHardQuad] in def FQTOX : F3_3u<2, 0b110100, 0b01011, (outs DFPRegs:$rd), (ins QFPRegs:$rs2), "fqtox $rs2, $rd", - [(set DFPRegs:$rd, (SPftox QFPRegs:$rs2))]>, - Requires<[HasHardQuad]>; + [(set DFPRegs:$rd, (SPftox QFPRegs:$rs2))]>; } // Predicates = [Is64Bit] Index: gnu/llvm/lib/Target/Sparc/SparcInstrInfo.td === RCS file: /cvs/src/gnu/llvm/lib/Target/Sparc/SparcInstrInfo.td,v retrieving revision 1.1.1.7 diff -u -p -r1.1.1.7 SparcInstrInfo.td --- gnu/llvm/lib/Target/Sparc/SparcInstrInfo.td 23 Jun 2019 21:36:36 - 1.1.1.7 +++ gnu/llvm/lib/Target/Sparc/SparcInstrInfo.td 5 Apr 2020 20:48:22 - @@ -469,6 +469,27 @@ let Uses = [ICC], usesCustomInserter = 1 [(set f128:$dst, (SPselecticc f128:$T, f128:$F, imm:$Cond))]>; } +let Uses = [ICC], usesCustomInserter = 1 in { + def SELECT_CC_Int_XCC + : Pseudo<(outs IntRegs:$dst), (ins IntRegs:$T, IntRegs:$F, i32imm:$Cond), +"; SELECT_CC_Int_XCC PSEUDO!", +[(set i32:$dst, (SPselectxcc i32:$T, i32:$F, imm:$Cond))]>; + def SELECT_CC_FP_XCC + : Pseudo<(outs FPRegs:$dst), (ins FPRegs:$T, FPRegs:$F, i32imm:$Cond), +"; SELECT_CC_FP_XCC PSEUDO!", +[(set f32:$dst, (SPselectxcc f32:$T, f32:$F, imm:$Cond))]>; + + def SELECT_CC_DFP_XCC + : Pseudo<(outs DFPRegs:$dst), (ins DFPRegs:$T, DFPRegs:$F, i32imm:$Cond), +"; SELECT_CC_DFP_XCC PSEUDO!", +[(set
OpenBSD perl 5.30.2 - Call for Testing
There's a minor update for perl 5.30.2 out, mostly just some bugfixes, but also documentation updates because the main repository and bug tracker for perl has moved to GitHub. The full perldeltas are here the main one for for 5.30.0, and 5.30.1 that we have in-tree now and the smaller bugfixes in 5.30.2. https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perl5300delta.pod https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perl5301delta.pod https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod The logs for the testing I have done is here. https://github.com/afresh1/OpenBSD-perl/tree/master/build_logs/5.30.2 Which includes alpha, amd64, arm64, armv7, i386, macppc, sparc64, and octeon. On my alpha there's an odd failure in 01_IPC_Cmd.t, but that's not new and seems to be something with buffers not getting flushed as expected. For running the perl test suite, you can follow the instructions on GitHub, repeated here: https://github.com/afresh1/OpenBSD-perl download the patches and scripts https://github.com/afresh1/OpenBSD-perl/archive/master.tar.gz and extract someplace or git clone https://github.com/afresh1/OpenBSD-perl.git download perl-5.30.2.tar.gz into the same directory https://cpan.metacpan.org/authors/id/S/SH/SHAY/perl-5.30.2.tar.gz cd to someplace you have room run /path/to/OpenBSD-perl/build_perl wait send me the log file(s) it generates You can download a pre-patched version of perl that can be extracted to replace src/gnu/usr.bin/perl for building a system with the new perl: https://cvs.afresh1.com/~andrew/perl-update/OpenBSD-perl-5.30.2.tar.gz I also have what should be a mostly correct sets/lists patch for building a release. https://cvs.afresh1.com/~andrew/perl-update/OpenBSD-perl-5.30.2-sets_lists.patch Unfortunately, there are some characters in test files that are causing `patch` to fail, so although you can get the patch here, I haven't been able to figure out how to apply it successfully. If you want to try, this is supposed to apply to -current to update it to perl 5.30.2, to do that you would copy it into /usr/src (or adjust the paths below) and follow these ugly instructions. You'll still need the above sets lists patch if you're planning to build a release. https://cvs.afresh1.com/~andrew/perl-update/OpenBSD-perl-5.30.2.patch.gz or https://cvs.afresh1.com/~andrew/perl-update/OpenBSD-perl-5.30.2.patch cd /usr/src patch -p0 -uNE < perl-5.30.2.patch # Remove patch cruft find gnu/usr.bin/perl -name '*.orig' -delete # Add and remove binary and zero sized files that patch doesn't understand grep -B1 -e '^Index:' -e 'Binary files /tmp/.* and /dev/null differ' \ perl-5.30.2.patch | sed -ne 's/^diff -N //p' | while read f; do if [ -e $f ]; then rm $f; else touch $f; fi; done cd gnu/usr.bin/perl && find -d . \ \( -type d -o -path '*/CVS' -prune \) \ ! -name CVS \ -exec test -e {}/CVS \; \ -execdir sh -c 'test $( ls -1 {} | grep -v '^CVS/$' | wc -l ) -eq 0' \; \ -exec rm -r {} \;
Re: ospf6d: update to connected routes
On Wed, Apr 01, 2020 at 08:50:45PM +0200, Denis Fondras wrote: > Handle connected routes as ospfd(8) does. > > (diff to ospf6d and ospf6ctl) OK remi@ > > Index: ospf6ctl/ospf6ctl.c > === > RCS file: /cvs/src/usr.sbin/ospf6ctl/ospf6ctl.c,v > retrieving revision 1.50 > diff -u -p -r1.50 ospf6ctl.c > --- ospf6ctl/ospf6ctl.c 26 May 2019 09:27:09 - 1.50 > +++ ospf6ctl/ospf6ctl.c 1 Apr 2020 18:16:12 - > @@ -1103,10 +1103,10 @@ show_rib_msg(struct imsg *imsg) > errx(1, "Invalid route type"); > } > > - printf("%-20s %-17s %-12s %-9s %-7d %s\n", dstnet, > + printf("%-20s %-16s%s %-12s %-9s %-7d %s\n", dstnet, > log_in6addr_scope(>nexthop, rt->ifindex), > - path_type_name(rt->p_type), dst_type_name(rt->d_type), > - rt->cost, > + rt->connected ? "C" : " ", path_type_name(rt->p_type), > + dst_type_name(rt->d_type), rt->cost, > rt->uptime == 0 ? "-" : fmt_timeframe_core(rt->uptime)); > free(dstnet); > break; > Index: ospf6d/ospf6d.h > === > RCS file: /cvs/src/usr.sbin/ospf6d/ospf6d.h,v > retrieving revision 1.45 > diff -u -p -r1.45 ospf6d.h > --- ospf6d/ospf6d.h 21 Jan 2020 20:38:52 - 1.45 > +++ ospf6d/ospf6d.h 1 Apr 2020 18:16:12 - > @@ -483,6 +483,7 @@ struct ctl_rt { > enum dst_typed_type; > u_int8_t flags; > u_int8_t prefixlen; > + u_int8_t connected; > }; > > struct ctl_sum { > Index: ospf6d/rde.c > === > RCS file: /cvs/src/usr.sbin/ospf6d/rde.c,v > retrieving revision 1.85 > diff -u -p -r1.85 rde.c > --- ospf6d/rde.c 29 Mar 2020 11:59:11 - 1.85 > +++ ospf6d/rde.c 1 Apr 2020 18:16:12 - > @@ -886,6 +886,9 @@ rde_send_change_kroute(struct rt_node *r > TAILQ_FOREACH(rn, >nexthop, entry) { > if (rn->invalid) > continue; > + if (rn->connected) > + /* skip self-originated routes */ > + continue; > krcount++; > > bzero(, sizeof(kr)); > @@ -899,8 +902,12 @@ rde_send_change_kroute(struct rt_node *r > kr.ext_tag = r->ext_tag; > imsg_add(wbuf, , sizeof(kr)); > } > - if (krcount == 0) > - fatalx("rde_send_change_kroute: no valid nexthop found"); > + if (krcount == 0) { > + /* no valid nexthop or self originated, so remove */ > + ibuf_free(wbuf); > + rde_send_delete_kroute(r); > + return; > + } > > imsg_close(_main->ibuf, wbuf); > imsg_event_add(iev_main); > Index: ospf6d/rde_spf.c > === > RCS file: /cvs/src/usr.sbin/ospf6d/rde_spf.c,v > retrieving revision 1.27 > diff -u -p -r1.27 rde_spf.c > --- ospf6d/rde_spf.c 29 Mar 2020 11:59:11 - 1.27 > +++ ospf6d/rde_spf.c 1 Apr 2020 18:16:12 - > @@ -897,7 +897,9 @@ rt_nexthop_add(struct rt_node *r, struct > rn->ifindex = vn->ifindex; > rn->adv_rtr.s_addr = adv_rtr.s_addr; > rn->uptime = now.tv_sec; > - rn->connected = vn->prev == spf_root; > + rn->connected = (type == LSA_TYPE_NETWORK && > + vn->prev == spf_root) || > + (IN6_IS_ADDR_UNSPECIFIED(>nexthop)); > rn->invalid = 0; > > r->invalid = 0; > @@ -952,21 +954,24 @@ rt_dump(struct in_addr area, pid_t pid, > fatalx("rt_dump: invalid RIB type"); > } > > + memset(, 0, sizeof(rtctl)); > + rtctl.prefix = r->prefix; > + rtctl.area.s_addr = r->area.s_addr; > + rtctl.cost = r->cost; > + rtctl.cost2 = r->cost2; > + rtctl.p_type = r->p_type; > + rtctl.d_type = r->d_type; > + rtctl.flags = r->flags; > + rtctl.prefixlen = r->prefixlen; > + > TAILQ_FOREACH(rn, >nexthop, entry) { > if (rn->invalid) > continue; > > - rtctl.prefix = r->prefix; > + rtctl.connected = rn->connected; > rtctl.nexthop = rn->nexthop; > rtctl.ifindex = rn->ifindex; > - rtctl.area.s_addr = r->area.s_addr; > rtctl.adv_rtr.s_addr = rn->adv_rtr.s_addr; > - rtctl.cost = r->cost; > - rtctl.cost2 = r->cost2; > - rtctl.p_type = r->p_type; > - rtctl.d_type = r->d_type; > -
simplepanel(4) man page stub
Hello, reading plus.html I noticed that the link to simplepanel(4) was a dead end. below is my attempt at a stub man page with what I could gather from plus.html and the commit log. Marcus --- /dev/null Sun Apr 5 15:13:10 2020 +++ src/share/man/man4/simplepanel.4Sun Apr 5 15:08:52 2020 @@ -0,0 +1,38 @@ +.\" Copyright (c) 2020 Patrick Wildt +.\" +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.\" +.Dd $Mdocdate: April 5 2020 $ +.Dt SIMPLEPANEL 4 +.Os +.Sh NAME +.Nm simplepanel +.Nd simple panel display +.Sh SYNOPSIS +.Cd "simplepanel* at mainbus?" +.Sh DESCRIPTION +The +.Nm +driver enables the Pinebook Pro display panel. +.Sh SEE ALSO +.Xr mainbus 4 +.Sh HISTORY +The +.Nm +driver first appeared in +.Ox 6.7 +.Sh AUTHORS +The +.Nm +driver was written by +.An Patrick Wildt Aq Mt patr...@openbsd.org .
Fix error path of VOP_IOCTL() in sr_hotspare()
In sr_hotspare(), the error path of VOP_IOCTL() appears to do a redundant VOP_CLOSE() and vput(). The diff below fixes that. The fail branch will close the vnode because `open' is true. OK? Index: dev/softraid.c === RCS file: src/sys/dev/softraid.c,v retrieving revision 1.399 diff -u -p -r1.399 softraid.c --- dev/softraid.c 10 Mar 2020 08:41:19 - 1.399 +++ dev/softraid.c 5 Apr 2020 12:08:08 - @@ -2846,8 +2846,6 @@ sr_hotspare(struct sr_softc *sc, dev_t d NOCRED, curproc)) { DNPRINTF(SR_D_META, "%s: sr_hotspare ioctl failed\n", DEVNAME(sc)); - VOP_CLOSE(vn, FREAD | FWRITE, NOCRED, curproc); - vput(vn); goto fail; } if (label.d_partitions[part].p_fstype != FS_RAID) {
Re: split futex into three
On 2020/04/05 10:28, Martin Pieuchot wrote: > Another way to proceed would be to do a port grep for futex and see what > the ecosystem is using. Sorry it's not filtered, but : https://junkpile.org/grep.futex.gz
Re: [PATCH] gostr341001: support unwrapped private keys support
> There is no English specification for GOST PKCS8 files yet, > unfortunately. You can find similar pieces of code in OpenSSL's GOST > engine (https://github.com/gost-engine/engine/blob/master/gost_ameth.c#L347) > and in GnuTLS > (https://gitlab.com/gnutls/gnutls/-/blob/master/lib/x509/privkey_pkcs8.c#L1159). I checked GOST engine one and I saw the similar implementation was there. This is just a question and not request, though, don't you need "V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED" case for now, since GOST engine has it. I would like to suggest two return value checks, for BN_mod_mul and unmask_priv_key, details are below. --- src/lib/libcrypto/gost/gostr341001_ameth.c | 75 -- 1 file changed, 70 insertions(+), 5 deletions(-) diff --git a/src/lib/libcrypto/gost/gostr341001_ameth.c b/src/lib/libcrypto/gost/gostr341001_ameth.c index 0f816377dde1..70bd3357f184 100644 --- a/src/lib/libcrypto/gost/gostr341001_ameth.c +++ b/src/lib/libcrypto/gost/gostr341001_ameth.c @@ -437,6 +437,56 @@ priv_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) return pub_print_gost01(out, pkey, indent, pctx); } +static BIGNUM *unmask_priv_key(EVP_PKEY *pk, + const unsigned char *buf, int len, int num_masks) +{ + BIGNUM *pknum_masked = NULL, *q = NULL; + const GOST_KEY *key_ptr = pk->pkey.gost; + const EC_GROUP *group = GOST_KEY_get0_group(key_ptr); + + pknum_masked = GOST_le2bn(buf, len, NULL); + if (!pknum_masked) { + GOSTerror(ERR_R_MALLOC_FAILURE); + return NULL; + } + + if (num_masks > 0) { + /* +* XXX Remove sign by gost94 +*/ + const unsigned char *p = buf + num_masks * len; + + q = BN_new(); + if (!q) { + GOSTerror(ERR_R_MALLOC_FAILURE); + BN_free(pknum_masked); + pknum_masked = NULL; + goto end; + } + if (EC_GROUP_get_order(group, q, NULL) <= 0) { + GOSTerror(ERR_R_EC_LIB); + BN_free(pknum_masked); + pknum_masked = NULL; + goto end; + } + + for (; p != buf; p -= len) { + BIGNUM *mask = GOST_le2bn(p, len, NULL); + BN_CTX *ctx = BN_CTX_new(); + + BN_mod_mul(pknum_masked, pknum_masked, mask, q, ctx); BN_mod_mul might fail and return 0 on error. I would like to suggest checking this. + + BN_CTX_free(ctx); + BN_free(mask); + } + } + +end: + if (q) + BN_free(q); + return pknum_masked; +} + static int priv_decode_gost01(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf) { @@ -450,6 +500,7 @@ priv_decode_gost01(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf) GOST_KEY *ec; int ptype = V_ASN1_UNDEF; ASN1_STRING *pval = NULL; + int expected_key_len; if (PKCS8_pkey_get0(_obj, _buf, _len, , p8inf) == 0) { GOSTerror(GOST_R_BAD_KEY_PARAMETERS_FORMAT); @@ -467,29 +518,43 @@ priv_decode_gost01(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf) return 0; } p = pkey_buf; - if (V_ASN1_OCTET_STRING == *p) { + + expected_key_len = (pkey_bits_gost01(pk) + 7) / 8; + if (expected_key_len == 0) { + EVPerror(EVP_R_DECODE_ERROR); + return 0; + } else if (priv_len % expected_key_len == 0) { + /* Key is not wrapped but masked */ + pk_num = unmask_priv_key(pk, pkey_buf, expected_key_len, unmask_priv_key returns NULL on error. I would like to suggest checking this. + priv_len / expected_key_len - 1); + } else if (V_ASN1_OCTET_STRING == *p) { /* New format - Little endian octet string */ ASN1_OCTET_STRING *s = d2i_ASN1_OCTET_STRING(NULL, , priv_len); if (s == NULL) { - GOSTerror(EVP_R_DECODE_ERROR); + EVPerror(EVP_R_DECODE_ERROR); ASN1_STRING_free(s); return 0; } pk_num = GOST_le2bn(s->data, s->length, NULL); ASN1_STRING_free(s); - } else { + } else if (V_ASN1_INTEGER == *p) { priv_key = d2i_ASN1_INTEGER(NULL, , priv_len); - if (priv_key == NULL) + if (priv_key == NULL) { + EVPerror(EVP_R_DECODE_ERROR); return 0; + } ret = ((pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)) != NULL); ASN1_INTEGER_free(priv_key); if (ret == 0) { -
Re: [patch] Remove old sshd_config(5) keyword from authpf(8) manual
On Sun, Apr 05, 2020 at 11:05:48AM +0200, Martin Vahlensieck wrote: > Hi! > > From my research in the cvs history of sshd_config.5 the `Protocol' > keyword was removed in 2016, so remove it here as well. > > Best, > > Martin > fixed, thanks. jmc > Index: authpf.8 > === > RCS file: /cvs/src/usr.sbin/authpf/authpf.8,v > retrieving revision 1.54 > diff -u -p -r1.54 authpf.8 > --- authpf.8 1 Nov 2015 21:26:48 - 1.54 > +++ authpf.8 5 Apr 2020 09:01:48 - > @@ -379,7 +379,6 @@ must be properly configured to detect an > To that end, the following options should be added to > .Xr sshd_config 5 : > .Bd -literal -offset indent > -Protocol 2 > ClientAliveInterval 15 > ClientAliveCountMax 3 > .Ed >
Re: [UPDATE] xcb-proto and libxcb 1.14
On Sun, Mar 22, 2020 at 08:13:11PM +0100, Matthieu Herrb wrote: > Hi, > > the patch below updates XCB (xcb-proto and libxcb) to version 1.14.0. > > I've been running this on amd64 for a while. Comments ? ok ? > > Note that it goes together with an update to the x11/py-xcbgen port > that I'm sending to ports@ at the same time. Ping -- Matthieu Herrb
[patch] Remove old sshd_config(5) keyword from authpf(8) manual
Hi! >From my research in the cvs history of sshd_config.5 the `Protocol' keyword was removed in 2016, so remove it here as well. Best, Martin Index: authpf.8 === RCS file: /cvs/src/usr.sbin/authpf/authpf.8,v retrieving revision 1.54 diff -u -p -r1.54 authpf.8 --- authpf.81 Nov 2015 21:26:48 - 1.54 +++ authpf.85 Apr 2020 09:01:48 - @@ -379,7 +379,6 @@ must be properly configured to detect an To that end, the following options should be added to .Xr sshd_config 5 : .Bd -literal -offset indent -Protocol 2 ClientAliveInterval 15 ClientAliveCountMax 3 .Ed
Re: split futex into three
On 04/04/20(Sat) 22:30, Philip Guenther wrote: > [...] > glibc has internal inline functions futex_wait() and futex_wake() and > there has been at least discussion about exporting some version of them. > If our signatures matched the last-best-proposal over there (which was > dropped, mind you) then I would be tempted to use those names. If not, > then maybe go with _futex_wait() and _futex_wake()? Do you know if those are similar to Mesa's function with the same names found in lib/mesa/src/util/futex.h ? Is the wait variant accepting relative or absolute timeout? Another way to proceed would be to do a port grep for futex and see what the ecosystem is using. > FUTEX_REQUEUE is the old bad one, with no val3 argument that's checked > before the operation. Our libc/libpthread don't actually use them, and in > the Linux world glibc switched completely to FUTEX_CMP_REQUEUE. Perhaps > we should drop support for FUTEX_REQUEUE (major bump, yah) and add > _futex_cmp_requeue(2) when we need it? > > [...] > > The prototypes I think I was imagining (*without* doing the checking > against glibc's proposal that I suggested, thus _futex* names) would be > something like: > > int _futex_wait(uint32_t *_futex, uint32_t _val, clockid_t _clock_id, > const struct timespec *_timeout, int _flags); > int _futex_wake(uint32_t *_futex, int _nr_wake, int _flags); > int _futex_cmp_requeue(uint32_t *_futex, int _nr_wake, int _nr_move, > uint32_t *_futex2, uint32_t _val, int _flags); Isn't wake redundant with cmp_requeue?