CVS: cvs.openbsd.org: src

2022-08-18 Thread Damien Miller 
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/08/18 23:53:28

Modified files:
usr.bin/ssh: sk-usbhid.c 

Log message:
remove incorrect check that can break enrolling a resident key
(introduced in r1.40)

CVS: cvs.openbsd.org: src

2022-08-18 Thread Martin Pieuchot 
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2022/08/18 23:53:19

Modified files:
sys/uvm: uvm_pager.c 

Log message:
Grab the mutex before iterating on the global list.

Prevent race reported some months ago.

ok mlarkin@, jsg@, kn@

CVS: cvs.openbsd.org: src

2022-08-18 Thread Jason McIntyre 
CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2022/08/18 23:47:32

Modified files:
usr.sbin/ypldap: ypldap.conf.5 

Log message:
spelling;

CVS: cvs.openbsd.org: src

2022-08-18 Thread Darren Tucker 
CVSROOT:/cvs
Module name:src
Changes by: dtuc...@cvs.openbsd.org 2022/08/18 22:02:46

Modified files:
usr.bin/ssh: ssh-keyscan.c 

Log message:
Strictly enforce the maximum allowed SSH2 banner size in ssh-keyscan
and prevent a one-byte buffer overflow.  Patch from Qualys, ok djm@

CVS: cvs.openbsd.org: src

2022-08-18 Thread Jonathan Matthew 
CVSROOT:/cvs
Module name:src
Changes by: jmatt...@cvs.openbsd.org2022/08/18 21:50:32

Modified files:
usr.sbin/ypldap: parse.y yp.c ypldap.conf.5 ypldap.h 

Log message:
Add local bind mode, where ypldap manages the YP binding file itself
rather than relying on ypbind to do it, which also means you don't need
portmap running.  In this mode, ypldap binds its rpc sockets to loopback,
so YP services are only available to the host it's running on.  The
previous behaviour, now called portmap bind mode, is still the default.

encouragement from deraadt@ and dlg@

CVS: cvs.openbsd.org: src

2022-08-18 Thread Damien Miller 
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/08/18 21:06:30

Modified files:
usr.bin/ssh: sshsig.c 

Log message:
double free() in error path; from Eusgor via GHPR333

CVS: cvs.openbsd.org: src

2022-08-18 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2022/08/18 12:42:13

Modified files:
lib/libcrypto/man: BIO_ctrl.3 

Log message:
Adjust signatures of BIO_ctrl functions

In bio.h r1.54, the signature of BIO_callback_ctrl() was changed from
bio_info_cb to BIO_info_cb. Adjust manual to reflect this change.

At the moment, bio_info_cb and BIO_info_cb are still distinct types with
our BIO_info_cb matching OpenSSL's definition. Historically, bio_info_cb
had a different type, but that leads to issues with casting function
pointers. The ecosystem has moved on to embrace the new type and several
ports confuse the two types because OpenSSL decided to "solve" the issues
with "typedef BIO_info_cb bio_info_cb; /* backward compatibilty */". We
will align with this in the next bump.

ok jsing

CVS: cvs.openbsd.org: src

2022-08-18 Thread Claudio Jeker 
CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2022/08/18 11:02:42

Modified files:
usr.sbin/bgpd  : kroute.c 

Log message:
In kroute_insert() fix the check for multipath routes. Use a helper variable
since krm is only set for IPv4 routes but not for IPv6 ones.
OK tb@

CVS: cvs.openbsd.org: src

2022-08-18 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2022/08/18 10:26:33

Modified files:
lib/libcrypto/x509: x509_req.c 

Log message:
Allow empty attribute sets in CSRs

While each attribute must contain at least one extension, it is not
required that a CSR have attributes at all. Instead of signalling an
error by returning NULL if no extensions are found, return an empty
stack of extensions.

Via OpenSSL 1f02ca2d

ok jsing

CVS: cvs.openbsd.org: src

2022-08-18 Thread Job Snijders 
CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2022/08/18 09:20:27

Modified files:
usr.sbin/rpki-client: extern.h mft.c 

Log message:
Remove dangling ASPA references until we land real support

OK tb@

CVS: cvs.openbsd.org: src

2022-08-18 Thread Jonathan Gray 
CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2022/08/18 07:05:43

Modified files:
sys/arch/i386/i386: machdep.c 

Log message:
repair printing of cpu class after machdep.c 1.652
ok daniel@ mlarkin@

CVS: cvs.openbsd.org: src

2022-08-18 Thread Claudio Jeker 
CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2022/08/18 06:14:00

Modified files:
usr.sbin/bgpd  : kroute.c 

Log message:
There is no need to pass the fd to send_rtmsg(), the fd is always the
one from kr_state and removing this argument helps portability.
OK tb@

CVS: cvs.openbsd.org: src

2022-08-18 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2022/08/18 01:00:59

Modified files:
lib/libssl : ssl_locl.h 

Log message:
Tweak prototype to match function definition (n -> index)

CVS: cvs.openbsd.org: src

2022-08-18 Thread Miod Vallat 
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2022/08/18 00:31:36

Modified files:
sys/arch/loongson/dev: glx.c glxclk.c 

Log message:
Move recomputation of hz and stathz from glk to glkclk, lets a kernel with
glkclk disabled keep correct values of those. NFC