CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2023/02/16 22:46:57

Modified files:
lib/libcrypto/bn/arch/aarch64: bn_arch.h 

Log message:
Provide optimised versions of bn_addw() and bn_subw() for aarch64.

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2023/02/16 22:30:20

Modified files:
lib/libcrypto/bn: bn_local.h 

Log message:
Remove now unused tangle of mul*/sqr* and BN_UMULT_* macros.

No, I'm not trying to overwhelm you... however, we really no longer need
this clutter.

ok tb@

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2023/02/16 22:13:34

Modified files:
lib/libcrypto/bn: bn_internal.h bn_sqr.c 

Log message:
Reimplement bn_sqr_comba{4,8}().

Use bignum primitives rather than the current mess of macros.The sqr_add_c
macro gets replaced with bn_mulw_addtw(), while the sqr_add_c2 macro gets
replaced with bn_mul2_mulw_addtw().

The variables in the comba functions have also been reordered, so that the
patterns are easier to understand - the compiler can take care of
optimising the inputs and outputs to avoid register moves.

ok tb@

CVS: cvs.openbsd.org: src

[Darren Tucker]

CVSROOT:/cvs
Module name:src
Changes by: dtuc...@cvs.openbsd.org 2023/02/16 21:22:51

Modified files:
usr.bin/ssh: auth2-hostbased.c auth2-pubkey.c compat.c 
 compat.h kex.c monitor.c sshconnect2.c 

Log message:
Remove now-unused compat bit SSH_BUG_RSASIGMD5.  The code to set this
was removed in OpenSSH 7.7 when support for SSH implementations dating
back to before RFC standardization were removed.  "burn it all" djm@

CVS: cvs.openbsd.org: src

[Darren Tucker]

CVSROOT:/cvs
Module name:src
Changes by: dtuc...@cvs.openbsd.org 2023/02/16 20:06:18

Modified files:
usr.bin/ssh: compat.c compat.h 

Log message:
Remove now-unused compat bit SSH_BUG_BIGENDIANAES.  This was
previously set for OpenSSH 2.3 (released in 2000) but this check
was removed in OpenSSH 7.7 (2018).  ok djm@ deraadt@

CVS: cvs.openbsd.org: src

[Jason McIntyre]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2023/02/16 13:33:07

Modified files:
usr.sbin/rpki-client: rpki-client.8 

Log message:
- remove a leftover .El
- escape "An" as this is also a macro

CVS: cvs.openbsd.org: src

[Miod Vallat]

CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2023/02/16 13:32:39

Modified files:
sys/arch/arm64/include: pmap.h 
sys/arch/riscv64/include: pmap.h 

Log message:
Remove obsolete __HAVE_VM_PAGE_MD define - all platforms provide vm_page_md
those days, and nothing checks for that symbol anymore.

CVS: cvs.openbsd.org: src

[Job Snijders]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2023/02/16 13:06:15

Modified files:
usr.sbin/rpki-client: rpki-client.8 

Log message:
Update references in STANDARDS section to use Rs blocks

Also drop largely irrelevant references like IPv6 and CIDR
(as we didn't reference IPv4 either), remove obsoleted RFCs and add
their successors.

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2023/02/16 11:10:28

Modified files:
distrib/miniroot: install.sub 

Log message:
Rewrite bsort() from hand-rolled recursive to simpler iterative reusing code

ksh(1) can sort itself and addel() ensures uniqueness, so reuse both to get
a much simpler shell version of `sort -u' that is bug-for-bug compatible
with the old one but shorter and easier to tweak/reason about.

OK afresh1

CVS: cvs.openbsd.org: www

[Sebastian Reitenbach]

CVSROOT:/cvs
Module name:www
Changes by: sebas...@cvs.openbsd.org2023/02/16 08:06:48

Modified files:
faq: current.html 

Log message:
Mention replacement of old Puppet 5 with new Puppet 7, esp. point out
bootstrapping requirements for the Puppetserver.

CVS: cvs.openbsd.org: src

[Mark Kettenis]

CVSROOT:/cvs
Module name:src
Changes by: kette...@cvs.openbsd.org2023/02/16 07:44:48

Modified files:
sys/arch/arm64/conf: GENERIC RAMDISK 

Log message:
Enable dwqe(4).

CVS: cvs.openbsd.org: src

[Mark Kettenis]

CVSROOT:/cvs
Module name:src
Changes by: kette...@cvs.openbsd.org2023/02/16 07:43:53

Modified files:
sys/dev/ic : dwqereg.h 

Log message:
Fix MAC address register offsets.

ok patrick@

CVS: cvs.openbsd.org: src

[Theo Buehler]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2023/02/16 07:34:34

Modified files:
usr.sbin/rpki-client: x509.c 

Log message:
Revert r1.63.

GEN_OTHERNAME is the type of a GENERAL_NAMES, not of a DIST_POINT_NAME,
which needs naked numbers as there is no enum nor defines describing it.

claudio agrees

CVS: cvs.openbsd.org: src

[Job Snijders]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2023/02/16 07:25:27

Modified files:
usr.sbin/rpki-client: x509.c 

Log message:
Add missing RFC 6487 section 4.8.6 CRLDP compliance checks

OK tb@ claudio@

CVS: cvs.openbsd.org: www

[Klemens Nanni]

CVSROOT:/cvs
Module name:www
Changes by: k...@cvs.openbsd.org2023/02/16 07:11:36

Modified files:
.  : want.html 

Log message:
the foundation took care of a new laptop, thanks!

Re: CVS: cvs.openbsd.org: src

[Stuart Henderson]

On 2023/02/15 20:10, Theo de Raadt wrote:
> transistor shortage, in these trying times
> 
> Jonathan Gray  wrote:
> 
> > CVSROOT:/cvs
> > Module name:src
> > Changes by: j...@cvs.openbsd.org2023/02/15 20:09:33
> > 
> > Modified files:
> > usr.sbin/fw_update: patterns.c 
> > 
> > Log message:
> > remove the '(R)' from the intel cpu match pattern
> > 
> > Intel(R) does not appear in
> > cpu0: Intel Atom(R) x6425RE Processor @ 1.90GHz, 1895.90 MHz, 06-96-01
> > reported by patrick@ ok deraadt@
> > 
> 

Perhaps they need a new cpuid function that returns UTF-8 (the model
name they use in some other places has a unicode registered trademark
symbol in place of the now-missing '(R)').

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2023/02/16 04:13:05

Modified files:
lib/libcrypto/arch/amd64: Makefile.inc 
lib/libcrypto/bn: bn_local.h 
lib/libcrypto/bn/arch/amd64: bn_arch.c bn_arch.h 

Log message:
Enable s2n-bignum word_clz() on amd64.

The BN_num_bits_word() function is a hot path, being called more than
80 million times during a libcrypto regress run. The word_clz()
implementation uses five instructions to do the same as the generic code
that uses more than 60 instructions.

Discussed with tb@

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2023/02/16 03:58:06

Modified files:
lib/libcrypto/bn: bn_internal.h 

Log message:
Use bn_addw() in bn_mulw(), rather than duplicating add with carry code.

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2023/02/16 03:54:20

Modified files:
lib/libcrypto/bn/arch/amd64: word_clz.S 

Log message:
Change include from _internal_s2n_bignum.h to s2n_bignum_internal.h.

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2023/02/16 03:53:18

Modified files:
lib/libcrypto/bn/arch/amd64: word_clz.S 

Log message:
Include the ISC license from s2n-bignum's LICENSE file.

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2023/02/16 03:51:58

Added files:
lib/libcrypto/bn/arch/amd64: word_clz.S 

Log message:
Bring in word_clz.S from s2n-bignum for amd64.

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2023/02/16 03:41:03

Modified files:
lib/libcrypto/bn: bn_div.c bn_internal.h bn_sqr.c 
lib/libcrypto/bn/arch/aarch64: bn_arch.h 
lib/libcrypto/bn/arch/alpha: bn_arch.h 
lib/libcrypto/bn/arch/amd64: bn_arch.h 
lib/libcrypto/bn/arch/i386: bn_arch.h 
lib/libcrypto/bn/arch/powerpc64: bn_arch.h 
lib/libcrypto/bn/arch/riscv64: bn_arch.h 

Log message:
Rename bn_umul_hilo() to bn_mulw().

This keeps the naming consistent with the other bignum primitives that have
been recently introduced. Also, use 1/0 intead of h/l (e.g. a1 instead of
ah), as this keeps consistency with other primitives and allows for naming
that works with double word, triple word and quadruple word inputs/outputs.

Discussed with tb@

CVS: cvs.openbsd.org: src

[Theo Buehler]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2023/02/16 03:18:59

Modified files:
lib/libcrypto/x509: x509_purp.c 

Log message:
zap stray empty line

CVS: cvs.openbsd.org: src

[Darren Tucker]

CVSROOT:/cvs
Module name:src
Changes by: dtuc...@cvs.openbsd.org 2023/02/16 03:10:00

Modified files:
usr.bin/ssh: compat.c compat.h 

Log message:
Remove SSH_BUG_PASSWORDPAD compat bit since it's no longer used.
ok markus@

CVS: cvs.openbsd.org: src

[Joel Sing]

CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org   2023/02/16 03:02:02

Modified files:
lib/libcrypto/bn: bn_internal.h 

Log message:
Add missing masks to accumulator version of bn_umul_hilo()

CVS: cvs.openbsd.org: src

[Claudio Jeker]

CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2023/02/16 01:54:47

Modified files:
sys/kern   : init_sysent.c syscalls.c 
sys/sys: syscall.h syscallargs.h 

Log message:
regen

CVS: cvs.openbsd.org: src

[Claudio Jeker]

CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2023/02/16 01:53:16

Modified files:
sys/kern   : syscalls.master 

Log message:
utrace(2) can run without kernel lock. Now ktruser() will take the
lock only when needed.
OK miod@ cheloha@

CVS: cvs.openbsd.org: src

[Claudio Jeker]

CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2023/02/16 01:50:57

Modified files:
sys/kern   : kern_ktrace.c 

Log message:
Like other ktrace functions make ktruser() callable without kernel lock
by takeing the lock around ktrwrite2().
OK miod@ cheloha@

CVS: cvs.openbsd.org: src

[Theo Buehler]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2023/02/16 01:38:17

Modified files:
lib/libcrypto/hidden: crypto_namespace.h 
lib/libcrypto/hmac: hmac.c 
lib/libcrypto/pkcs12: p12_add.c p12_asn.c p12_attr.c p12_crpt.c 
  p12_crt.c p12_decr.c p12_init.c p12_key.c 
  p12_kiss.c p12_mutl.c p12_npas.c p12_p8d.c 
  p12_p8e.c p12_sbag.c p12_utl.c pk12err.c 
lib/libcrypto/pkcs7: bio_pk7.c pk7_asn1.c pk7_attr.c pk7_doit.c 
 pk7_lib.c pk7_mime.c pk7_smime.c pkcs7err.c 
lib/libcrypto/stack: stack.c 
lib/libcrypto/ui: ui_err.c ui_lib.c ui_null.c ui_openssl.c 
  ui_util.c 
lib/libcrypto/x509: by_dir.c by_file.c by_mem.c pcy_lib.c 
pcy_tree.c x509_addr.c x509_akeya.c 
x509_alt.c x509_asid.c x509_att.c 
x509_bcons.c x509_bitst.c x509_cmp.c 
x509_conf.c x509_cpols.c x509_crld.c 
x509_d2.c x509_def.c x509_enum.c x509_err.c 
x509_ext.c x509_extku.c x509_genn.c 
x509_info.c x509_lib.c x509_lu.c 
x509_ncons.c x509_obj.c x509_pcia.c 
x509_pcons.c x509_pku.c x509_pmaps.c 
x509_prn.c x509_purp.c x509_r2x.c x509_req.c 
x509_set.c x509_skey.c x509_sxnet.c 
x509_trs.c x509_txt.c x509_utl.c x509_v3.c 
x509_vfy.c x509_vpm.c x509cset.c x509name.c 
x509rset.c x509spki.c x509type.c x_all.c 
lib/libssl : bio_ssl.c 
lib/libssl/hidden: ssl_namespace.h 

Log message:
libressl *_namespace.h: adjust *_ALIAS() to require a semicolon

LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon.
This does not conform to style(9), breaks editors and ctags and
(most importantly) my workflow. Fix this by neutering them with
asm("") so that -Wpedantic doesn't complain. There's precedent
in libc's namespace.h

fix suggested by & ok jsing