CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: guent...@cvs.openbsd.org2024/07/26 13:16:31 Modified files: sys/sys: ktrace.h sys/kern : kern_time.c usr.bin/kdump : ktrstruct.c Log message: Trace struct itimerval ok deraadt@ claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2024/07/26 09:59:04 Modified files: sys/arch/amd64/amd64: vmm_machdep.c Log message: On AMD vmm(4) set SVM_INTERCEPT_INVLPGA in intercept1. According to the AMD64 Architecture Programmer's Manual volume 2 the intercept SVM_INTERCEPT_INVLPGA needs to be set in vmcb.intercept1 (vector 3, offest 00Ch) instead of intercept2 (vector 4, offset 010h). SVM_INTERCEPT_INVLPGA is bit 26, so before vcpu_reset_regs_svm() was actually setting an intercept for CR10, which does not exist. from hshoexer@; OK mlarkin@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/26 09:51:09 Modified files: sys/net: pipex_local.h Log message: Mark ipsecflowinfo immutable. ok mvs
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/26 09:45:31 Modified files: sys/net: pipex.c Log message: In pipex_l2tp_input(), check if ipsecflowinfo is not changed instead of updating it blindly. ok mvs
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: na...@cvs.openbsd.org 2024/07/26 09:24:49 Modified files: usr.bin/ssh: sshd_config.5 Log message: document the reduced logingrace penalty
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2024/07/26 08:38:20 Modified files: sys/netinet: in_proto.c sys/netinet6 : in6_proto.c Log message: Run UDP input on multiple CPU in parallel. The socket layer of UDP has been made fully MP safe. UDP output is MP safe for a while. mvs@ has fixed the missing pieces in socket splicing recently. This means that complete UDP stack can be processed by multiple threads now. Activate multi processing for udp_input() when called with IPv4 or IPv6 packets. Usually IP processing runs on multiple softnet threads with shared net lock. From there local packets are queued and processed by one thread with exclusive net lock. If the PR_MPINPUT flag is set, protocol input is called directly from IP input on multiple threads, with shared net lock and no additional queueing. tested by Hrvoje Popovski; OK mvs@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/07/26 07:34:56
Modified files:
lib/libcrypto/hidden/openssl: x509.h
Log message:
Mark X509at_get_attr{,_count}() and X509at_delete_attr() as unused
ok jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/07/26 07:33:39
Modified files:
lib/libcrypto/x509: x509_att.c
Log message:
Disable X509at_get_attr{,_count}() and X509at_delete_attr()
These are (not so) thin wrappers around the stack API and only make
things unreadable by adding an unneccesary layer of indirection and
repeating checks already present in the stack API. X509at_delete_attr()
is a masterpiece.
ok jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/07/26 07:30:40 Modified files: lib/libcrypto/x509: x509_att.c Log message: Inline last user of X509at_get_attr() ok jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: s...@cvs.openbsd.org2024/07/26 01:55:23 Modified files: sys/dev/pv : if_vio.c vioblk.c vioblkreg.h virtio.c virtioreg.h Log message: virtio: add/fix feature bits There was a off-by-one in unused vioblk feature defines. Fix this. Add missing feature bits from virtio 1.2 so that they are displayed with VIRTIO_DEBUG. ok jan@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: s...@cvs.openbsd.org2024/07/26 00:29:01 Modified files: sys/dev/pv : if_vio.c Log message: vio: Don't request csum offload if not negotiated The standard says "A driver MUST NOT enable an offload for which the appropriate feature has not been negotiated." ok jan@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/07/26 00:24:52 Modified files: usr.sbin/smtpd : smtpd.conf.5 Log message: - document "ca" in the action ... relay section from philipp plus openbsd at bureaucracy de - within the "ca" section, refer to "listen on" and "action ... relay", which is the actual syntax ok op
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/07/25 21:42:02 Modified files: sys/dev/pci/drm/radeon: radeon_gem.c Log message: drm/radeon: check bo_va->bo is non-NULL before using it >From Pierre-Eric Pelloux-Prayer f13c96e0e325a057c03f8a47734adb360e112efe in linux-6.6.y/6.6.42 6fb15dcbcf4f212930350eaee174bb60ed40a536 in mainline linux
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/07/25 21:40:43 Modified files: lib/libcrypto/man: ERR_load_strings.3 Log message: Put opening brace on correct line
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/07/25 21:39:34 Modified files: sys/dev/pci/drm/amd/display/amdgpu_dm: amdgpu_dm.c Log message: drm/amd/display: Fix refresh rate range for some panel >From Tom Chung 607731f315d15558696e9b542121d40411df37fd in linux-6.6.y/6.6.42 9ef1548aeaa8858e7aee2152bf95cc71cdcd6dff in mainline linux
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/07/25 21:34:59 Modified files: sys/dev/pci/drm/amd/display/amdgpu_dm: amdgpu_dm.c Log message: drm/amd/display: Add refresh rate range check >From Tom Chung 531e7852fb62bfc6a15cc1df85f62720f704d537 in linux-6.6.y/6.6.42 74ad26b36d303ac233eccadc5c3a8d7ee4709f31 in mainline linux
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2024/07/25 19:38:59 Modified files: distrib/sets/lists/base: mi Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2024/07/25 17:44:01 Modified files: usr.bin/ssh: servconf.c Log message: reduce logingrace penalty. A single forgotton login that times out should be below the penalty threshold. ok deraadt/claudio
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2024/07/25 16:40:08 Modified files: usr.bin/ssh: channels.c channels.h mux.c nchan.c Log message: Fix proxy multiplexing (-O proxy) bug If a mux started with ControlPersist then later has a forwarding added using mux proxy connection and the forwarding was used, then when the mux proxy session terminates, the mux master process will send a channel close to the server with a bad channel ID and crash the connection. This was caused by my stupidly reusing c->remote_id for mux channel associations when I should have just added another member to struct channel. ok markus@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2024/07/25 14:21:40 Modified files: sys/dev/fdt: qcpas.c Log message: Explicitly request for battery status updates as the firmware doesn't seem to send us regular updates itself. Estamate the remaining battery (charge) time by using the reported rate. ok phessler@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/07/25 11:29:51 Modified files: lib/libz : compress.3 Log message: document deflateUsed() text mostly from upstream, the function will soon be added to libz. ok jmc
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/07/25 11:25:59 Modified files: lib/libz : compress.3 Log message: fix a small markup mistake (missing newline) ok jmc (as part of a larger diff)
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: st...@cvs.openbsd.org 2024/07/25 09:36:56 Modified files: share/man/man5 : python-module.5 Log message: mention MODPY_PYBUILD=pdm
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/07/25 07:40:55 Modified files: usr.bin/renice : renice.8 Log message: fix double space; from crystal kolipe
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/07/25 02:44:39 Modified files: usr.sbin/rpki-client: filemode.c Log message: Silence a false positive warning for gcc The code path gcc is whining about ensures that the struct auth in question is initialized, but the pile of garbage that is gcc's use of uninitialized warnings can't figure that one out. Enough time on this was wasted during the last few releases that silencing gcc with annoying workarounds may be the lesser evil. ok claudio
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: s...@cvs.openbsd.org2024/07/25 02:35:40 Modified files: sys/dev/pv : virtio.c Log message: virtio: Allow more verbose debugging If VIRTIO_DEBUG is set to 2, dump the whole virtqueues.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/25 01:24:41 Modified files: regress/lib/libradius: test23.c Log message: Fix test23. It assumed the place of the attribute is unchanged. But now, the message-authenticator is located at first always. found anton
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2024/07/24 23:33:06 Modified files: distrib/sets/lists/comp: md.loongson Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2024/07/24 15:24:18 Modified files: sys/arch/arm64/arm64: cpu.c machdep.c trap.c sys/arch/arm64/include: armreg.h cpu.h Log message: If the CPU cores implement FEAT_IDST, emulate access to the CPU ID registers from userland and set HWCAP_CPUID. This will allow detection of features to be introduced into the architecture in the future without allocating new HWCAP_xxx or HWCAP2_xxx bits. We provide the same sanitized view of the CPU ID registers as is currently available through sysctl(2). Note that this introduces an unconditional read of ID_AA64MMFR2_EL1. This is known to cause problems on older versions of QEMU. If this turns out to be a problem in cases where updating QEMU is not an option, we'll have to implement a workaround. Also note that since we don't emulate the CPU ID registers on older core, this means that microarchitectural optimizations keyed of reads of MIDR_EL1 are not possible on OpenBSD. I don't think that is a real problem. ok jca@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/07/24 13:28:37 Modified files: etc/examples : bgpd.conf Log message: Add 5f00::/16 segment routing SRv6 SIDs prefix to example bogon list "In SRv6, SR source nodes initiate packets with a segment identifier in the Destination Address of the IPv6 header, and SR segment endpoint nodes process a local segment present in the Destination Address of an IPv6 header." https://www.iana.org/assignments/iana-ipv6-special-registry/ https://datatracker.ietf.org/doc/html/draft-ietf-6man-sids OK phessler@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/07/24 12:56:57 Modified files: etc/examples : bgpd.conf Log message: 3fff::/20 has been set aside as an additional documentation prefix Per https://www.iana.org/assignments/iana-ipv6-special-registry/ and https://datatracker.ietf.org/doc/html/draft-ietf-v6ops-rfc3849-update OK phessler@ claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2024/07/24 09:31:08 Modified files: sys/kern : kern_sig.c Log message: KASSERT that the ps_single proc has P_SUSPSINGLE cleared. Requested by kettenis@ and guenther@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2024/07/24 09:30:17 Modified files: sys/kern : kern_exit.c Log message: Remove the (pr->ps_single->p_flag & P_SUSPSINGLE) == 0 check since it is always true. Also consitently wrap all flag checks into parantheses. OK kettenis@ guenther@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2024/07/24 07:37:05 Modified files: sys/kern : subr_log.c Log message: Use a different mutex to protect the kqueue klist in logsoftc. knote_locked() will call wakeup() and with it the SCHED_LOCK and by that makes log_mtx no longer a leaf lock. By using an own lock for the klist we can keep log_mtx a leaf lock and with that printf(9) can be used in most contexts again. OK mvs@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2024/07/24 06:18:10 Modified files: sys/uvm: uvm_pager.c Log message: Remove workaround for lock ordering issue in uvm_pseg_get(). Now that uvm_unmap_detach() no longer grab the KERNEL_LOCK() it should be safe to call it with the `uvm_pseg_lck' mutex held via uvm_km_valloc_try(). ok jca@, claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2024/07/24 06:17:31 Modified files: sys/kern : kern_exit.c sys/uvm: uvm_extern.h uvm_map.c Log message: Move uvm_exit() outside of the KERNEL_LOCK() in the reaper. Use atomic operations to reference count VM spaces. Tested by claudio@, bluhm@, sthen@, jca@ ok jca@, claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2024/07/24 06:16:21 Modified files: sys/uvm: uvm_vnode.c Log message: Grab the kernel lock in preparation for unlocking most of uvm_unmap_detach(). ok jca@, claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2024/07/24 06:15:55 Modified files: sys/uvm: uvm_device.c Log message: Remove assertion in udv_detach(), the function is already mpsafe. ok jca@, claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/07/24 02:57:58 Modified files: lib/libcrypto/man: BUF_MEM_new.3 Log message: BUF_MEM_new.3: add a touch of KNF
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/24 02:27:20 Modified files: usr.sbin/radiusctl: parser.c parser.h radiusctl.8 radiusctl.c Log message: dd "msgauth" option for "test" command to specify whether use Message-Authentication or not.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/24 02:22:26 Modified files: lib/libradius : Makefile shlib_version Added files: lib/libradius : Symbols.list Log message: Add Symbols.list and enable version script to hide some local functions.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/24 02:19:16 Modified files: lib/libradius : radius_attr.c radius_msgauth.c radius_new_request_packet.3 radius_local.h Log message: Place Message-Authenticator at the beginning of the attributes as draft-ietf-radext-deprecating-radius-02 suggests.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: to...@cvs.openbsd.org 2024/07/23 14:04:51 Modified files: sys/net: pfkeyv2_parsemessage.c Log message: Accept and ignore SADB_X_EXT_REPLAY and SADB_X_EXT_COUNTER payloads for incoming SADB_ADD and SADB_UPDATE message. Since we send them as part of the SADB_GET reply we must also accept them on SADB_ADD/UPDATE as sasyncd will forward payloads previously received in SADB_GET. Fixes a bug where sasync can't restore SAs because pfkey returns EINVAL. >From Rafa\xc5\x82 Ramocki ok bluhm@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: s...@cvs.openbsd.org2024/07/23 13:14:05 Modified files: sys/dev/pv : virtio.c Log message: virtio: fix comment
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2024/07/23 08:42:03 Modified files: regress/lib/libssl/ciphers: cipherstest.c Log message: Revise regress for ssl3_get_cipher() changes.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2024/07/23 08:40:54 Modified files: lib/libssl : d1_lib.c s3_lib.c ssl_ciph.c ssl_local.h ssl_methods.c Log message: Remove get_cipher from SSL_METHOD. Inline the get_cipher implementation (including the special handling for DTLS) in ssl_cipher_collect_ciphers() (the only consumer), remove the get_cipher member of SSL_METHOD and mop up dtls1_get_cipher(). ssl3_get_cipher() has always had a strange property of being a reverse index, which is relied on by the cipher list ordering code, since it currently assumes that high cipher suite values are preferable. Rather than complicating ssl3_get_cipher() (and regress), change the iteration order in ssl_cipher_collect_ciphers() to match what it requires. Lastly, rename ssl3_get_cipher() to be more descriptive. ok tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: ratc...@cvs.openbsd.org 2024/07/23 02:59:21 Modified files: sys/dev/usb: uaudio.c Log message: uaudio: Fix confusion between interface numbers and interface indexes There is rare hardware for which the interface numbers and indexes are not equal. Such devices couldn't attach because the driver claimed the wrong interface.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2024/07/23 02:38:02 Modified files: sys/kern : kern_synch.c Log message: Pass curproc pointer down from sleep_finish() instead of pulling it in again in sleep_signal_check(). OK dlg@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: ratc...@cvs.openbsd.org 2024/07/23 02:36:51 Modified files: lib/libsndio : sioctl_sun.c Log message: libsndio: Don't use poll(2) for output on the control device. The AUDIO_MIXER_WRITE ioctl always succeeds without blocking, so no need to use poll(2) for output. The audio(4) control device driver doesn't implement the corresponding struct filterops anyway. Fixes delayed level settings.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: ratc...@cvs.openbsd.org 2024/07/23 00:34:03 Modified files: usr.bin/sndiod : file.c Log message: sndiod: Properly update the poll(2) event masks after i/o. If there are no descriptors to poll for an event source, we call the i/o handlers immediately (before poll(2) is called). As this may generate output for other descriptors, their the poll(2) event masks need to be updated.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2024/07/22 16:06:27 Modified files: lib/libc/dlfcn : init.c Log message: Specify a priority for _libc_preinit() to make sure it runs before other constructors (such as the constructor for libcompiler_rt). ok guenther@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: n...@cvs.openbsd.org2024/07/22 09:27:42 Modified files: usr.bin/tmux : options.c Log message: Expand full array option values if no index is provided, GitHub issue 4051.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2024/07/22 08:50:45 Modified files: regress/lib/libssl/asn1: asn1test.c regress/lib/libssl/tlsext: tlsexttest.c Log message: Revise regress to match cipher suite values change.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2024/07/22 08:47:15 Modified files: lib/libssl : s3_lib.c ssl_asn1.c ssl_ciph.c ssl_ciphers.c ssl_clnt.c ssl_local.h ssl_pkt.c ssl_sess.c ssl_srvr.c ssl_txt.c tls13_client.c tls13_server.c Log message: Use cipher suite values instead of IDs. OpenSSL has had the concept of cipher IDs, which were a way of working around overlapping cipher suite values between SSLv2 and SSLv3. Given that we no longer have to deal with this issue, replace the use of IDs with cipher suite values. In particular, this means that we can stop mapping back and forth between the two, simplifying things considerably. While here, remove the 'valid' member of the SSL_CIPHER. The ssl3_ciphers[] table is no longer mutable, meaning that ciphers cannot be disabled at runtime (and we have `#if 0' if we want to do it at compile time). Clean up the comments and add/update RFC references for cipher suites. ok tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/07/22 08:03:22 Modified files: sys/dev/ata: wd.c sys/dev/i2c: ipmi_i2c.c Log message: remove unneeded prototypes for functions in other files
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/07/22 06:05:38 Modified files: sys/dev/pci: tga.c Log message: remove prototype with no matching function
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/22 04:00:16 Modified files: usr.sbin/radiusd: radiusd_ipcp.c Log message: Fix ipcp module to use (the maximum sequence number from the db) + 1 properly.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2024/07/22 03:44:37 Modified files: bin/ps : ps.1 Log message: Sync with proc.h: s/PS_STOPPED/PS_STOPPING/ OK kettenis@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2024/07/22 03:43:48 Modified files: sys/kern : kern_sig.c sys/sys: proc.h Log message: Rename PS_STOPPED to PS_STOPPING. I want to use PS_STOPPED to indicate that a process has been stopped so make room for that. OK kettenis@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/22 03:39:23 Modified files: usr.sbin/radiusctl: radiusctl.c usr.sbin/radiusd: radiusd_ipcp.c Log message: Modify ipcp module to return a result for IMSG_RADIUSD_MODULE_IPCP_DISCONNECT and radiusctl to handle the result.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/22 03:27:16 Modified files: usr.sbin/radiusd: radiusd.c Log message: Make some functions "static".
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2024/07/22 02:18:53 Modified files: sys/kern : kern_exit.c Log message: Switch proc_finish_wait() to use the process as argument instead of its ps_mainproc. dowait6() needs to stop using ps_mainproc and this is the first step. OK guenther@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2024/07/21 13:41:31 Modified files: sys/arch/amd64/amd64: cpu.c locore0.S pmap.c sys/arch/amd64/include: cpu.h specialreg.h Log message: For AMD SEV determine C-bit position and guest mode in locore0. Actually determine the C-bit position if we are running as a guest with SEV enabled. Configure pg_crypt, pg_frame and pg_lgframe accordingly, using the physical address bit reduction provided by cpuid. from hshoexer@; OK mlarkin@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2024/07/21 12:57:31 Modified files: sys/arch/arm64/arm64: cpu.c Log message: Populate hwcap and hwcap2 based on the sanitized values of the ID register values and the feature bits that we recognize. ok naddy@, jca@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/07/21 10:49:26 Modified files: sys/arch/powerpc64/include: cpu.h elf.h sys/arch/powerpc64/powerpc64: cpu.c Log message: Export basic HWCAP bits to let applications detect Altivec & VSX on powerpc64 Input from miod@ and gkoehler@, tests & ok gkoehler@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/07/21 10:46:57 Modified files: sys/arch/macppc/macppc: cpu.c sys/arch/powerpc/include: elf.h Log message: Export basic HWCAP bits to let applications detect Altivec on powerpc Input from miod@ and gkoehler@, tests & ok gkoehler@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2024/07/21 10:19:25 Modified files: sys/arch/amd64/amd64: vector.S Log message: A few manual ret-cleans. Seeing as these pertain to interrupt servicing, the stack utilization ends up near the the deep end of the stack where, retcleans are useful. tested for a while in snaps ok bluhm
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/07/21 07:25:11 Modified files: regress/lib/libcrypto/asn1: asn1time.c Log message: asn1time: indicate which comparison function failed extracted from a diff by Kenjiro Nakayama
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: fcam...@cvs.openbsd.org 2024/07/21 07:18:15 Modified files: sys/dev/rasops : rasops32.c Log message: Add optimized character rendering case for 6 pixels wide fonts in rasops32_putchar(). >From jon (at) elytron (dot) openbsd (dot) amsterdam.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/07/21 02:36:43 Modified files: lib/libcrypto/man: DH_get0_pqg.3 DSA_get0_pqg.3 EC_KEY_METHOD_new.3 EVP_AEAD_CTX_init.3 EVP_DigestInit.3 EVP_DigestSignInit.3 EVP_DigestVerifyInit.3 EVP_EncryptInit.3 EVP_PKEY_CTX_new.3 EVP_PKEY_asn1_get_count.3 EVP_PKEY_new.3 EVP_SignInit.3 EVP_VerifyInit.3 HMAC.3 Log message: Unify description of the obsolete ENGINE parameter This uses the same language in most manuals mentioning the obsolete ENGINE parameters. Make it clear that it is always ignored and that NULL should be passed. Always call it engine instead of a mix of e pe, impl, eng.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/07/21 02:10:17 Modified files: lib/libcrypto/man: EVP_PKEY_decrypt.3 Log message: Garbage collect ENGINE "use" from EVP_PKEY_decrypt() example
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/07/20 12:37:38 Modified files: regress/lib/libssl/client: Makefile clienttest.c Log message: Fix golden numbers after beck broke it months ago (why is it always me who gets to clean up this shit?)
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2024/07/20 11:26:19 Modified files: sys/kern : uipc_socket.c sys/netinet: udp_usrreq.c sys/sys: socketvar.h Log message: Unlock udp(4) somove(). Socket splicing belongs to sockets buffers. udp(4) sockets are fully switched to fine-grained buffers locks, so use them instead of exclusive solock(). Always schedule somove() thread to run as we do for tcp(4) case. This brings delay to packet processing, but it is comparable wit non splicing case where soreceive() threads are always scheduled. So, now spliced udp(4) sockets rely on sb_lock() of `so_rcv' buffer together with `sb_mtx' mutexes of both buffers. Shared solock() only required around pru_send() call, so the most of somove() thread runs simultaneously with network stack. Also document 'sosplice' structure locking. Feedback, tests and OK from bluhm.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: an...@cvs.openbsd.org 2024/07/20 00:54:15 Modified files: usr.sbin/relayd: relay_http.c Log message: Fix regression introduced in previous causing HEAD requests to be erroneously rejected as malformed. ok chrisz@
Re: CVS: cvs.openbsd.org: src
On Thu, Jul 18, 2024 at 10:26:23PM -0600, Christopher Zimmermann wrote: > CVSROOT: /cvs > Module name: src > Changes by: chr...@cvs.openbsd.org 2024/07/18 22:26:23 > > Modified files: > usr.sbin/relayd: relay_http.c > > Log message: > Keep Content-length header in HEAD responses. > > ok millert@ This commit introduced a regression as highlighted by the relayd regress tests. Some HEAD requests are now rejected as malformed, preserving the lost break fixes the issue. Index: relay_http.c === RCS file: /cvs/src/usr.sbin/relayd/relay_http.c,v diff -u -p -r1.89 relay_http.c --- relay_http.c19 Jul 2024 04:26:23 - 1.89 +++ relay_http.c20 Jul 2024 04:36:59 - @@ -435,6 +435,10 @@ relay_read_http(struct bufferevent *bev, kv_delete(>http_headers, desc->http_lastheader); break; + case HTTP_METHOD_RESPONSE: + if (request_method == HTTP_METHOD_HEAD) + break; + /* FALLTHROUGH */ default: /* * Need to read data from the client
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2024/07/19 22:04:23 Modified files: lib/libssl : d1_pkt.c ssl_asn1.c ssl_ciph.c ssl_clnt.c ssl_lib.c ssl_local.h ssl_pkt.c ssl_sess.c ssl_srvr.c ssl_txt.c t1_enc.c tls13_client.c tls13_server.c Log message: Remove cipher from SSL_SESSION. For a long time SSL_SESSION has had both a cipher ID and a pointer to an SSL_CIPHER (and not both are guaranteed to be populated). There is also a pointer to an SSL_CIPHER in the SSL_HANDSHAKE that denotes the cipher being used for this connection. Some code has been using the cipher from SSL_SESSION and some code has been using the cipher from SSL_HANDSHAKE. Remove cipher from SSL_SESSION and use the version in SSL_HANDSHAKE everywhere. If resuming from a session then we need to use the SSL_SESSION cipher ID to set the SSL_HANDSHAKE cipher. And we still need to ensure that we update the cipher ID in the SSL_SESSION whenever the SSL_HANDSHAKE cipher changes (this only occurs in a few places). ok tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2024/07/19 10:58:32 Modified files: sys/netinet: ip_input.c sys/netinet6 : in6_proto.c ip6_forward.c ip6_input.c Log message: Unlock sysctl net.inet.ip.redirect and net.inet6.ip6.redirect. Variable ip and ip6 sendredirects is only read once during packet processing. Use atomic_load_int() to access the value in exactly one read instruction. No memory barriers needed as there is no correlation with other values. Sort the ip and ip6 checks, so the difference is easier to see. Move access to global variable to the end. OK mvs@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2024/07/19 09:41:58 Modified files: sys/netinet: udp_usrreq.c Log message: Relax socket lock assertion in UDP input and send. OK mvs@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2024/07/19 09:28:51 Modified files: libexec/getty : main.c Log message: unveil(2) /etc/gettytab.db in getty(8) to avoid possible violation. OK deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2024/07/19 08:32:56 Modified files: distrib/sets/lists/comp: md.armv7 Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2024/07/19 02:54:31 Modified files: lib/libssl : s3_lib.c ssl_lib.c ssl_local.h ssl_sess.c ssl_srvr.c tls13_server.c Log message: Move client ciphers from SSL_SESSION to SSL_HANDSHAKE. SSL_SESSION has a 'ciphers' member which contains a list of ciphers that were advertised by the client. Move this from SSL_SESSION to SSL_HANDSHAKE and rename it to match reality. ok tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2024/07/19 02:56:17 Modified files: lib/libssl : ssl_clnt.c ssl_srvr.c Log message: Annotate issues with tls_session_secret_cb() related code.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2024/07/18 22:33:36 Modified files: regress/usr.bin/ssh: multiplex.sh Log message: test transfers in mux proxy mode too
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: chr...@cvs.openbsd.org 2024/07/18 22:26:23 Modified files: usr.sbin/relayd: relay_http.c Log message: Keep Content-length header in HEAD responses. ok millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/18 16:40:09 Modified files: usr.sbin/radiusd: radiusd_file.c Log message: Send Access-Reject when the authentication is not handled or the user is not found.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/18 16:18:00 Modified files: usr.sbin/radiusd: radiusd_file.c Log message: unveil .db is needed. Also move pledge() earlier.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2024/07/18 11:18:01 Modified files: sys/arch/arm64/arm64: cpu.c Log message: Fix typos in previous commit spotted by naddy@
Re: CVS: cvs.openbsd.org: src
Todd C. Miller wrote: > CVSROOT: /cvs > Module name: src > Changes by: mill...@cvs.openbsd.org 2024/07/18 09:38:57 > > Modified files: > lib/libc/sys : link.2 > > Log message: > The source of a link (name1) may not be a directory. > > POSIX says this is implementation-dependent; OpenBSD does not allow > it. OK guenther@ > it's so dumb. Where is the code in cp(1) to handle the filesystem being a graph? Why is that code also missing in find(1)? Is that code in rsync? It's nowhere. Programs expect the filesystem to be a tree, not a graph.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/07/18 09:38:57 Modified files: lib/libc/sys : link.2 Log message: The source of a link (name1) may not be a directory. POSIX says this is implementation-dependent; OpenBSD does not allow it. OK guenther@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2024/07/18 08:46:28 Modified files: sys/net: pf_ioctl.c Log message: In pfattach() pass malloc type instead of flags to cpumem_malloc(). from markus@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2024/07/18 05:21:10 Modified files: distrib/sets/lists/comp: md.landisk Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/18 02:58:59 Modified files: sbin/iked : radius.c Log message: Fix memory leaks and improve id handling of iked_radserver_req. original diff from markus ok tobhe
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/07/17 23:44:46 Modified files: share/man/man4 : speaker.4 Log message: remove extra punctuation; from alexander arch
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/17 20:45:32 Modified files: libexec/login_radius: raddauth.c Log message: Since libcrypto is used to calc message authenticator, use libcrypto md5 also in other places instead libc md5. ok millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2024/07/17 19:47:27 Modified files: usr.bin/ssh: ssh.1 Log message: mention mux proxy mode
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/17 18:28:53 Modified files: usr.sbin/radiusd: radiusd.conf.5 Log message: Add a link to radiud_file(8)
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/07/17 14:57:16 Modified files: usr.bin/sed: compile.c defs.h extern.h main.c misc.c process.c Log message: sed: use warn()/err() where appropriate Use warn()/err() instead of sed's homegrown warning()/error() for things other than parser problems. The warning()/error() functions display the file and line number in addition to the error message. This also removes of the COMPILE/FATAL argument to error() since now all calls to error() are for compilation/parsing issues. OK op@ espie@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2024/07/17 14:50:28 Modified files: libexec/login_radius: Makefile raddauth.c Log message: Add Message-Authenticator attriubte when sending Access-Request. ok millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/07/17 09:22:56 Modified files: regress/lib/libssl/ciphers: cipherstest.c Log message: Add RCS id
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2024/07/17 09:21:59 Modified files: sys/arch/arm64/arm64: autoconf.c cpu.c machdep.c sys/arch/arm64/include: cpu.h Log message: Clean up the cpi_id_aa64xxx variables at the end of autoconf such that sysclt(2) and ID register access emulation can share the variables. ok jca@
