CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2019/03/18 00:41:53 Modified files: usr.sbin/tcpdump: tcpdump.8 Log message: tweak previous;
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2019/03/18 00:23:38 Modified files: lib/libssl/man : SSL_CTX_new.3 Log message: In ssl.h rev. 1.165, tb@ provided version agnostic DTLS methods. Document them.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2019/03/17 23:56:24 Modified files: lib/libcrypto/man: EVP_EncryptInit.3 Makefile evp.3 Added files: lib/libcrypto/man: EVP_sm4_cbc.3 Log message: Document SM4; related to evp.h rev. 1.73.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2019/03/17 23:34:29 Modified files: lib/libcrypto/evp: evp_err.c Log message: Expand the ERR_PACK() macro to ERR_REASON() for consistency. No binary change.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2019/03/17 22:34:06 Modified files: distrib/sets/lists/base: mi distrib/sets/lists/comp: mi distrib/sets/lists/man: mi Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2019/03/17 22:32:31 Modified files: usr.bin: Makefile usr.bin/rsync : Makefile Log message: install rsync as openrsync, so that people can easily familiarize themselves with using it (as front end -- it will talk to the installed 'rsync' on the remote side). this will allow folks to give it a shot, identify weaknesses, collaborate, etc etc etc discussed with benno
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2019/03/17 22:12:03 Modified files: sys/conf : GENERIC Log message: enable mpip(4) ok deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2019/03/17 22:01:53 Modified files: lib/libcrypto/man: EVP_PKEY_set1_RSA.3 Log message: In evp.h rev. 1.75, tb@ provided EVP_PKEY_get0_hmac(3). Document it. Even though OpenSSL muddles the waters by lumping the description together with the other EVP_PKEY_get0_*() functions, describe it separately because a char * has no reference count and because the function fills in an additional length parameter.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2019/03/17 21:21:20 Modified files: sys/net: if_mpe.c Log message: tweak SIOCGETLABEL and add SIOCDELLABEL makes mpe consistent with mpw and mpip
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2019/03/17 21:20:36 Modified files: sys/net: if_mpw.c if_mpip.c Log message: make SIOCGETLABEL fail with EADDRNOTAVAIL if the label is not set. this makes ifconfig print "(unset)" to show the label isn't set yet.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2019/03/17 18:09:23 Modified files: usr.sbin/tcpdump: privsep.c privsep.h privsep_pcap.c tcpdump.8 tcpdump.c Log message: support configuring BIOCSFILDROP with tcpdump. this allows tcpdump to be used a quick and dirty firewall. it also looks like an amazing foot-gun, so be careful. for example `tcpdump -B drop -i ix1 udp and port 7` lets you completely drop discard packets in the hardware interrupt handler. ok sthen@ mikeb@ claudio@ visa@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2019/03/17 18:05:53 Modified files: sys/net: bpf.c share/man/man4 : bpf.4 Log message: extend BIOCSFILDROP so it can be configured to not capture packets. BIOCSFILDROP was already able to be used as a quick and dirty firewall, which is especially useful when you you want to filter non-ip things. however, capturing the packets you're dropping is a lot of overhead when you just want to drop stuff. this extends fildrop so you can tell bpf not to capture the packets it drops. ok sthen@ mikeb@ claudio@ visa@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2019/03/17 18:00:59 Modified files: sbin/dhclient : bpf.c usr.sbin/dhcpd : bpf.c usr.sbin/dhcrelay6: bpf.c Log message: explicitly use BPF_FILDROP_CAPTURE when configuring BIOCSFILDROP BIOCSFILDROP used to just be a flag, ie, any non-zero value was treated the same, but i'm changing it so different values do different things. this way the programs should keep working even if i decide to change the values for these macros.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2019/03/17 17:57:13 Modified files: sys/net: bpf.h Log message: extend BIOCSFILDROP so it can be configured to not capture packets. this just provides the macros for the different values for BIOCGFILDROP and BIOCSFILDROP, the implementation behing them is coming. ok sthen@ mikeb@ claudio@ visa@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mgloc...@cvs.openbsd.org2019/03/17 16:05:37 Modified files: sys/dev/usb: xhci.c Log message: Since an isoc endpoint never halts, move to remaining error handling code in xhci_event_xfer() to the generic handler function. suggested and ok mpi@
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: t...@cvs.openbsd.org2019/03/17 15:37:37 Modified files: . : 65.html Log message: Mention SM4 and AES key wrap via EVP.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: n...@cvs.openbsd.org2019/03/17 13:33:12 Modified files: usr.bin/tmux : tmux.1 Log message: Break description of styles into its own section.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2019/03/17 12:33:01 Modified files: regress/lib/libcrypto/evp: evptest.c evptests.txt Log message: Add regress tests for the EVP_aes_*_wrap() API. Based on the tests in OpenSSL 1.0.2r which is still freely licenced with a tweak by jsing.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2019/03/17 12:21:25 Modified files: distrib/sets/lists/base: mi Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2019/03/17 12:19:34 Modified files: lib/libcrypto : shlib_version lib/libssl : shlib_version lib/libtls : shlib_version Log message: bump minors after symbol addition
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2019/03/17 12:20:07 Modified files: usr.bin/mandoc : eqn_html.c tbl_html.c Log message: The header file "html.h" uses enum roff_tok, so "roff.h" must be included before it. Diff from bcallah@ tweaked by me; he found the bug by compiling with pcc.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2019/03/17 12:17:45 Modified files: lib/libcrypto : Symbols.list lib/libcrypto/evp: evp.h evp_err.c p_lib.c Log message: Provide EVP_PKEY_get0_hmac(). From OpenSSL 1.1.1 which is still freely licensed. >From jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2019/03/17 12:07:41
Modified files:
lib/libcrypto : Symbols.list
lib/libcrypto/evp: c_all.c e_aes.c evp.h evp_enc.c evp_err.c
Log message:
Provide EVP_aes_{128,192,256}_wrap(). This is a compatible
implementation based on the one in OpenSSL 1.0.2r which is
still freely licensed.
The functions are undocumented in OpenSSL. To use them, one
needs to set the undocumented EVP_CIPHER_CTX_FLAG_WRAP_ALLOW
flag on the EVP_CIPHER_CTX.
resolves #505
ok jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2019/03/17 11:51:05 Modified files: distrib/sets/lists/comp: mi Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2019/03/17 11:49:12 Modified files: regress/lib/libcrypto: Makefile Log message: link sm4 regress to the build
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2019/03/17 11:48:31 Added files: regress/lib/libcrypto/sm4: Makefile sm4test.c Log message: Add a regress test for the SM4 block cipher from the Chinese standard GB/T 32907-2016. Patch from Daniel Wyatt ok inoguchi, jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2019/03/17 11:46:00 Modified files: usr.bin/openssl: openssl.c Log message: Add the SM4 block cipher from the Chinese standard GB/T 32907-2016. Patch from Daniel Wyatt ok inoguchi, jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2019/03/17 11:42:37 Modified files: lib/libcrypto : Makefile Symbols.list lib/libcrypto/evp: c_all.c evp.h lib/libcrypto/objects: objects.txt Added files: lib/libcrypto/evp: e_sm4.c lib/libcrypto/sm4: sm4.c sm4.h Log message: Add the SM4 block cipher from the Chinese standard GB/T 32907-2016. This is an ISC licensed version based on the sources by Ribose Inc that were ported to OpenSSL in 2017. Patch from Daniel Wyatt with minor tweaks. ok inoguchi, jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2019/03/17 11:38:07 src/regress/lib/libcrypto/sm4 Update of /cvs/src/regress/lib/libcrypto/sm4 In directory cvs.openbsd.org:/tmp/cvs-serv16368/sm4 Log Message: Directory /cvs/src/regress/lib/libcrypto/sm4 added to the repository
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2019/03/17 11:32:25 src/lib/libcrypto/sm4 Update of /cvs/src/lib/libcrypto/sm4 In directory cvs.openbsd.org:/tmp/cvs-serv9523/sm4 Log Message: Directory /cvs/src/lib/libcrypto/sm4 added to the repository
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2019/03/17 11:28:09 Modified files: lib/libssl : Symbols.list ssl.h ssl_methods.c Log message: Provide version agnostic DTLS methods. ok tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2019/03/17 10:32:29 Modified files: distrib/sgi/iso: Makefile etc/etc.sgi: disktab Log message: Grow sgi ISO/FS media space to cope with the clang growth.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: v...@cvs.openbsd.org2019/03/17 10:31:26 Modified files: sys/arch/octeon/dev: octcit.c octciu.c Log message: Remember to detach the event counter when disestablishing an interrupt handler.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: v...@cvs.openbsd.org2019/03/17 10:27:16 Modified files: sys/arch/octeon/dev: octciu.c Log message: Replace a hand-rolled linked list with SLIST.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2019/03/17 09:48:02 Modified files: lib/libssl : tls13_handshake.c Log message: Correct return value handling in tls13_handshake_recv_action(). The recv action handler returns success/failure, rather than a TLS13_IO_* value, which is what tls13_handshake_recv_action() needs to return. Failure previously mapped to TLS13_IO_EOF, which is not ideal. ok tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2019/03/17 09:16:39
Modified files:
lib/libssl : ssl_clnt.c ssl_pkt.c ssl_tlsext.c tls1.h
Log message:
Partially clean up the TLS1_get_{,client}_version macros.
LibreSSL only supports TLSv1.0 and above, hence the checks the macros are
performing are useless. Simplify them to their effective code. Also place
both under #ifndef LIBRESSL_INTERNAL and use the variables directly in our
code, which improves readability.
ok tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2019/03/17 09:13:23 Modified files: lib/libssl : tls13_internal.h tls13_lib.c tls13_record_layer.c Log message: Remove the alert level from the TLSv1.3 alert callback. In TLSv1.3 the alert level is effectively meaningless and the record layer has already checked that it is appropriate. As such, drop it from the alert callback. ok tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mgloc...@cvs.openbsd.org2019/03/17 05:28:07 Modified files: sys/dev/usb: xhci.c Log message: Move the handler code in the xhci_event_xfer() switch case in two separate functions for isoc and !isoc xfers. Suggested by mpi@. ok patrick@, stsp@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2019/03/17 04:43:24 Modified files: usr.bin/bgplg : bgplgsh.8 Log message: correct example; from pierre emeriaud ok claudio
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mgloc...@cvs.openbsd.org2019/03/17 02:13:48 Modified files: sys/dev/usb: xhci.c Log message: Remove obsolete semicolon at end of case switch.
