CVS: cvs.openbsd.org: src

[Inoguchi Kinichiro]

CVSROOT:/cvs
Module name:src
Changes by: inogu...@cvs.openbsd.org2021/09/04 22:05:14

Modified files:
usr.bin/openssl: ca.c 

Log message:
Remove unused variable tmptm in do_body of openssl(1) ca

CVS: cvs.openbsd.org: src

[Inoguchi Kinichiro]

CVSROOT:/cvs
Module name:src
Changes by: inogu...@cvs.openbsd.org2021/09/04 19:55:54

Modified files:
usr.bin/openssl: ca.c openssl.1 

Log message:
Using serial number instead as subject if it is empty in openssl(1) ca

This allows multiple entries without a subject even if unique_subject == yes.
Referred to OpenSSL commit 5af88441 and arranged for our codebase.

ok tb@

CVS: cvs.openbsd.org: src

[Inoguchi Kinichiro]

CVSROOT:/cvs
Module name:src
Changes by: inogu...@cvs.openbsd.org2021/09/04 19:49:42

Modified files:
usr.bin/openssl: ca.c 

Log message:
Check extensions before setting version to v3

Referred to OpenSSL commit 4881d849 and arranged for our codebase.

comment and ok from tb@

CVS: cvs.openbsd.org: src

[Inoguchi Kinichiro]

CVSROOT:/cvs
Module name:src
Changes by: inogu...@cvs.openbsd.org2021/09/04 19:33:19

Modified files:
usr.bin/openssl: ca.c 

Log message:
Use accessor method rather than direct X509 structure access

Referred to OpenSSL commit a8d8e06b and arranged for our codebase.

comment and ok from tb@

CVS: cvs.openbsd.org: src

[Theo de Raadt]

CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2021/09/04 17:58:54

Modified files:
distrib/sets/lists/man: mi 

Log message:
sync

CVS: cvs.openbsd.org: src

[Ingo Schwarze]

CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2021/09/04 16:37:26

Modified files:
usr.bin/mandoc : main.c 

Log message:
during prioritization for man(1), correctly extract the section name
from the file name extension of gzipped manual page files; bug found
on Alpine Linux by Soeren Tempel ,
who also tested this patch

CVS: cvs.openbsd.org: src

[Alexander Bluhm]

CVSROOT:/cvs
Module name:src
Changes by: bl...@cvs.openbsd.org   2021/09/04 16:15:33

Modified files:
sys/arch/amd64/amd64: acpi_wakecode.S aes_intel.S copy.S 
  locore.S mds.S spl.S vector.S 
  vmm_support.S 
sys/arch/amd64/include: asm.h profile.h 

Log message:
To mitigate against spectre attacks, AMD processors without the
IBRS feature need an lfence instruction after every near ret.  Place
them after all functions in the kernel which are implemented in
assembler.  Change the retguard macro so that the end of the lfence
instruction is 16-byte aligned now.  This prevents that the ret
instruction is at the end of a 32-byte boundary.  The latter would
cause a performance impact on certain Intel processors which have
a microcode update to mitigate the jump conditional code erratum.
See software techniques for managing speculation on AMD processors
revision 9.17.20 mitigation G-5.
See Intel mitigations for jump conditional code erratum revision
1.0 november 2019 2.4 software guidance and optimization methods.
OK deraadt@ mortimer@

CVS: cvs.openbsd.org: src

[Ingo Schwarze]

CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2021/09/04 14:24:41

Modified files:
usr.bin/mandoc : att.c 

Log message:
mdoc(7): improve output of .At 32v

The official designation by AT was "UNIX/32V", so use that in the output.
That also makes sense because "system/architecture" is a widespread
convention to refer to the port of an operating system to a specific
architecture, in this case 32V (32bit DEC VAX).

The former wording "Version 32V AT UNIX" was misleading
because 32V is not a version number.

Even though UNIX/32V was not officially designated as Version 7 by AT,
prepend "Version 7" because it was in fact a straightforward port of
Version 7 AT UNIX.  That makes it easier to understand for 21st
century readers of manual pages.

Suggested by nabijaczleweli at nabijaczleweli dot xyz.
Same change as in GNU troff commit 21d30728.
OK  G dot Branden dot Robinson at gmail dot com  (gbranden@ in groff)

CVS: cvs.openbsd.org: src

[Ingo Schwarze]

CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2021/09/04 13:21:39

Modified files:
usr.bin/sort   : sort.1 

Log message:
delete a stray word reported by wilfried dot meindl at gmail dot com;
while here, delete the redundant word "will" right in front of it, too

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2021/09/04 10:26:12

Modified files:
lib/libssl : Makefile tls13_internal.h tls13_legacy.c 
 tls13_record_layer.c 
Added files:
lib/libssl : tls_content.c tls_content.h 

Log message:
Factor out the TLSv1.3 code that handles content from TLS records.

Currently, the plaintext content from opened TLS records is handled via
the rbuf code in the TLSv1.3 record layer. Factor this out and provide a
separate struct tls_content, which knows how to track and manipulate the
content.

This makes the TLSv1.3 code cleaner, however it will also soon also be used
to untangle parts of the legacy record layer.

ok beck@ tb@

CVS: cvs.openbsd.org: src

[Bob Beck]

CVSROOT:/cvs
Module name:src
Changes by: b...@cvs.openbsd.org2021/09/04 09:21:45

Modified files:
lib/libssl : ssl_lib.c 

Log message:
Refactor ssl_update_cache. This now matches the logic used for TLS 1.3
in Openssl 1.1.1 for when to call the session callbacks. I believe it
to also generates a lot less eye bleed, confirmed by tb@

ok jsing@ tb@

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2021/09/04 08:31:54

Modified files:
lib/libssl : d1_pkt.c 

Log message:
Improve DTLS hello request handling code.

Rather than manually checking multiple bytes, actually parse the DTLS
handshake message header, then check the values against what we parsed.

ok inoguchi@ tb@

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2021/09/04 08:24:28

Modified files:
lib/libssl : d1_both.c d1_pkt.c dtls_locl.h 

Log message:
Change dtls1_get_message_header() to take a CBS.

The callers know the actual length and can initialise a CBS correctly.

ok inoguchi@ tb@

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2021/09/04 08:15:52

Modified files:
lib/libssl : d1_pkt.c 

Log message:
Improve DTLS record header parsing.

Rather than pulling out the epoch and then six bytes of sequence number,
pull out SSL3_SEQUENCE_SIZE for the sequence number, then pull the epoch
off the start of the sequence number.

ok inoguchi@ tb@

CVS: cvs.openbsd.org: src

[Ingo Schwarze]

CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2021/09/04 06:47:04

Modified files:
usr.bin/mandoc : main.c 

Log message:
In the fallback code to look for manual pages without using mandoc.db(5),
accept files "man/."
in addition the already supported "man/name.[01-9]*".
Needed for example on Alpine Linux which puts its Perl manuals
into "man3/.3pm" and the POSIX manuals into "man3/.3p".

While here, allow the glob(3) at the end of fs_lookup() to add multiple
matches to the result set.  This improves man -w output and may also
help some cases of plain man(1), allowing main() to prioritize properly
rather than fs_lookup() picking a random match.

None of this really matters for standard manpaths on OpenBSD because
both base system and ports developers are highly disciplined about
putting manual pages into properly named files and directories, but
even on OpenBSD, it may help to access some raw, unported third-party
manual page trees.

Issue reported and patch tested
by Soeren Tempel .

CVS: cvs.openbsd.org: src

[Jonathan Matthew]

CVSROOT:/cvs
Module name:src
Changes by: jmatt...@cvs.openbsd.org2021/09/04 06:11:46

Modified files:
share/man/man4 : Makefile usb.4 
sys/dev/usb: files.usb 
Added files:
share/man/man4 : uaq.4 
sys/dev/usb: if_uaq.c 

Log message:
Add uaq(4), a driver for Aquantia AQC111U/AQC112U USB ethernet devices.

hardware provided by Brad
tested with modest success by mlarkin@, kevlo@ and Brad
ok kevlo@

CVS: cvs.openbsd.org: src

[Ingo Schwarze]

CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2021/09/04 05:58:31

Modified files:
usr.bin/timeout: timeout.1 

Log message:
* avoid the misleading wording "second kill signal"
* simplify and shorten EXIT STATUS, no change with respect to the meaning
* cut down HISTORY to the usual amount of information
feedback deraadt@ and jmc@; OK deraadt@; OK jmc@ on an earlier version

CVS: cvs.openbsd.org: src

[Ingo Schwarze]

CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2021/09/04 05:49:11

Modified files:
usr.bin/timeout: timeout.c 

Log message:
* more specific error messages
* no need to check suffix != NULL twice in a row
* style:  *(suffix + 1)  ->  suffix[1]
feedback & OK deraadt@

CVS: cvs.openbsd.org: src

[Marcus Glocker]

CVSROOT:/cvs
Module name:src
Changes by: mgloc...@cvs.openbsd.org2021/09/04 04:19:28

Modified files:
sys/dev/usb/dwc2: dwc2_hcd.c dwc2_hcdddma.c dwc2_hcdintr.c 
  dwc2_hcdqueue.c 

Log message:
Revert list_move() to list_move_tail() change from last commit since it
turned out that it has a negative impact to isoc transfers timing with our
driver implementation.

CVS: cvs.openbsd.org: src

[Jasper Lievisse Adriaanse]

CVSROOT:/cvs
Module name:src
Changes by: jas...@cvs.openbsd.org  2021/09/04 01:13:14

Modified files:
sys/arch/amd64/amd64: db_trace.c 

Log message:
in backtraces, print as many arguments as the function actually has

since amd64 is compiled with -msave-args we have all arguments available to 
print and
there's no reason to limit this to six.

discussed with kettenis@

CVS: cvs.openbsd.org: src

[Moritz Buhl]

CVSROOT:/cvs
Module name:src
Changes by: mb...@cvs.openbsd.org   2021/09/04 01:06:58

Modified files:
regress/lib/libc/sys: Makefile 

Log message:
Disable tests that don't work in bluhms regress framework.