CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: t...@cvs.openbsd.org2022/03/26 19:55:16 Modified files: . : ftp.html build : mirrors.dat openbgpd : ftp.html openntpd : portable.html openssh: ftp.html portable.html rpki-client: portable.html Log message: update sandyriver mirror's rsync path; requested by the maintainer
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: inogu...@cvs.openbsd.org2022/03/26 18:37:10 Modified files: usr.bin/openssl: ts.c Log message: Check EVP_Digest* functions return value in openssl(1) ts Move up md_ctx and add EVP_MD_CTX_free under the 'err:' label. CID 149810 comment and ok jsing@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2022/03/26 10:34:21 Modified files: lib/libcrypto/x509: x509_alt.c x509_constraints.c Log message: name constraints: be more careful with NULs An IA5STRING is a Pascal string that can have embedded NULs and is not NUL terminated (except that for legacy reasons it happens to be). Instead of taking the strlen(), use the already known ASN.1 length and use strndup() instead of strdup() to generate NUL terminated strings after some existing code has checked that there are no embedded NULs. In v2i_GENERAL_NAME_ex() use %.*s to print the bytes. This is not optimal and might be switched to using strvis() later. ok beck inoguchi jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2022/03/26 09:05:54 Modified files: lib/libssl : d1_pkt.c ssl_pkt.c Log message: Clean up {dtls1,ssl3}_read_bytes() Now that {dtls1,ssl3}_read_bytes() have been refactored, do a clean up pass - this cleans up various parts of the code and reduces differences between these two functions. ok = 1; *(&(ok)) tb@ ok inoguchi@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2022/03/26 09:00:51 Modified files: lib/libssl : d1_pkt.c Log message: Remove the minimum record length checks from dtls1_read_bytes() The code that handles each record type already has appropriate length checks. Furthermore, the handling of application data here is likely incorrect and bypasses the normal state checks at the end of this function. ok inoguchi@ tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2022/03/26 08:54:58 Modified files: lib/libcrypto/asn1: a_object.c Log message: Convert c2i_ASN1_OBJECT() and d2i_ASN1_OBJECT to CBS. Along the way, rather than having yet another piece of code that parses OID arcs, reuse oid_parse_arc(). Always allocate a new ASN1_OBJECT rather than doing a crazy dance with ASN1_OBJECT_FLAG_DYNAMIC and trying to free parts of an ASN1_OBJECT if one is passed in. ok inoguchi@ tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2022/03/26 08:47:59 Modified files: lib/libcrypto/asn1: asn1_lib.c asn1_locl.h Log message: Provide asn1_get_primitive() This takes a CBS, gets the ASN.1 identifier and length, ensures the resulting identifier is a valid primitive, then returns the tag number and the content as a CBS. ok inoguchi@ tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2022/03/26 08:26:44 Modified files: etc/etc.i386 : disktab sys/arch/i386/conf: RAMDISK_CD distrib/i386/ramdisk_cd: Makefile Log message: grow i386 media
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: s...@cvs.openbsd.org2022/03/26 08:25:15 Modified files: sys/arch/i386/conf: GENERIC RAMDISK_CD sys/arch/macppc/conf: GENERIC RAMDISK sys/arch/arm64/conf: GENERIC RAMDISK Log message: Enable mtw(4) on i386, macppc, and arm64. Testing by hastings@ and myself. i386 has a media size issue, deraadt@ will sort it out.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2022/03/26 06:43:12 Modified files: share/man/man1 : dpb.1 Log message: typo: currents -> current
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: jmatt...@cvs.openbsd.org2022/03/26 00:04:20 Modified files: sys/dev/pci: if_aq_pci.c Log message: Expand tx dma maps to allow packets up to the MTU limit to be transmitted. Don't clear TPB_TX_BUF_EN when taking the interface down, as somehow that causes transmission to fail when the interface comes up again if any large packets had been sent. Handle packets received into multiple rx buffers using the same approach as ixl(4), with the addition that a receive error can be signaled on any of the buffers rather than just the last one. Set the low water mark on the rx ring so there are always enough buffers to receive the largest packet supported by the interface, and fix the calculation of the data pointer in rx buffers so there's actually MCLBYTES space available. ok dlg@