summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lib/libcrypto/bn/bn.h8
-rw-r--r--lib/libcrypto/bn/bn_local.h8
-rw-r--r--lib/libcrypto/bn/bn_recp.c73
-rw-r--r--lib/libcrypto/ec/ec_lib.c246
-rw-r--r--lib/libcrypto/ec/ec_local.h98
-rw-r--r--lib/libcrypto/ec/ecp_methods.c279
-rw-r--r--lib/libcrypto/man/X509_NAME_print_ex.313
-rw-r--r--lib/libcrypto/pkcs12/p12_kiss.c4
-rw-r--r--lib/libcrypto/ts/ts_lib.c33
-rw-r--r--lib/libcrypto/x509/x509_policy.c4
-rw-r--r--regress/lib/libcrypto/ec/ectest.c4
-rw-r--r--regress/sys/kern/sosplice/tcp/args-unsplice-forked.pl6
-rw-r--r--regress/sys/netinet/tcpthread/Makefile14
-rw-r--r--regress/sys/netinet/tcpthread/README3
-rw-r--r--regress/sys/netinet/tcpthread/tcpthread.c148
-rw-r--r--regress/usr.bin/mandoc/roff/nr/scale.in22
-rw-r--r--regress/usr.bin/mandoc/roff/nr/scale.out_ascii6
-rw-r--r--sbin/ifconfig/brconfig.c25
-rw-r--r--sbin/ifconfig/ifconfig.819
-rw-r--r--sbin/ifconfig/ifconfig.c5
-rw-r--r--sbin/ifconfig/ifconfig.h3
-rw-r--r--sys/dev/i2c/ihidev.c95
-rw-r--r--sys/dev/i2c/ihidev.h5
-rw-r--r--sys/dev/i2c/ikbd.c14
-rw-r--r--sys/dev/pci/pcidevs7
-rw-r--r--sys/dev/pci/pcidevs.h7
-rw-r--r--sys/dev/pci/pcidevs_data.h22
-rw-r--r--sys/dev/pv/if_vio.c10
-rw-r--r--sys/dev/usb/uaudio.c4
-rw-r--r--sys/kern/kern_sig.c91
-rw-r--r--sys/kern/subr_hibernate.c8
-rw-r--r--sys/kern/uipc_socket.c35
-rw-r--r--sys/net/if_ethersubr.c12
-rw-r--r--usr.bin/mandoc/roff.c39
-rw-r--r--usr.sbin/bgpd/bgpd.843
-rw-r--r--usr.sbin/bgpd/bgpd.conf.519
-rw-r--r--usr.sbin/bgpd/bgpd.h9
-rw-r--r--usr.sbin/bgpd/rde.h5
-rw-r--r--usr.sbin/bgpd/rde_peer.c6
-rw-r--r--usr.sbin/bgpd/rde_update.c15
-rw-r--r--usr.sbin/bgpd/util.c4
41 files changed, 778 insertions, 693 deletions
diff --git a/lib/libcrypto/bn/bn.h b/lib/libcrypto/bn/bn.h
index 523ff42877a..66a05ce9f03 100644
--- a/lib/libcrypto/bn/bn.h
+++ b/lib/libcrypto/bn/bn.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn.h,v 1.78 2024/04/10 14:58:06 beck Exp $ */
+/* $OpenBSD: bn.h,v 1.79 2025/01/06 13:15:08 tb Exp $ */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -401,8 +401,8 @@ int BN_set_bit(BIGNUM *a, int n);
int BN_clear_bit(BIGNUM *a, int n);
char * BN_bn2hex(const BIGNUM *a);
char * BN_bn2dec(const BIGNUM *a);
-int BN_hex2bn(BIGNUM **a, const char *str);
-int BN_dec2bn(BIGNUM **a, const char *str);
+int BN_hex2bn(BIGNUM **a, const char *str);
+int BN_dec2bn(BIGNUM **a, const char *str);
int BN_asc2bn(BIGNUM **a, const char *str);
int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
int BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */
@@ -421,7 +421,7 @@ int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
int do_trial_division, BN_GENCB *cb);
-BN_MONT_CTX *BN_MONT_CTX_new(void );
+BN_MONT_CTX *BN_MONT_CTX_new(void);
int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mont, BN_CTX *ctx);
int BN_to_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
diff --git a/lib/libcrypto/bn/bn_local.h b/lib/libcrypto/bn/bn_local.h
index 58b5d549034..310cce2a0ed 100644
--- a/lib/libcrypto/bn/bn_local.h
+++ b/lib/libcrypto/bn/bn_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_local.h,v 1.43 2024/04/16 13:07:14 jsing Exp $ */
+/* $OpenBSD: bn_local.h,v 1.45 2025/01/06 13:47:37 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -280,18 +280,16 @@ int bn_rand_interval(BIGNUM *rnd, BN_ULONG lower_word, const BIGNUM *upper_exc);
void BN_init(BIGNUM *);
-int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
-
void BN_RECP_CTX_init(BN_RECP_CTX *recp);
BN_RECP_CTX *BN_RECP_CTX_new(void);
void BN_RECP_CTX_free(BN_RECP_CTX *recp);
int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
+int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, BN_RECP_CTX *recp,
+ BN_CTX *ctx);
int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
BN_RECP_CTX *recp, BN_CTX *ctx);
int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
- BN_RECP_CTX *recp, BN_CTX *ctx);
/* Explicitly const time / non-const time versions for internal use */
int BN_mod_exp_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
diff --git a/lib/libcrypto/bn/bn_recp.c b/lib/libcrypto/bn/bn_recp.c
index 35390e30d44..c9a83f8489a 100644
--- a/lib/libcrypto/bn/bn_recp.c
+++ b/lib/libcrypto/bn/bn_recp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_recp.c,v 1.19 2023/03/27 10:25:02 tb Exp $ */
+/* $OpenBSD: bn_recp.c,v 1.21 2025/01/06 13:47:37 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -107,30 +107,28 @@ BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx)
return (1);
}
-int
-BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
- BN_RECP_CTX *recp, BN_CTX *ctx)
+/* len is the expected size of the result
+ * We actually calculate with an extra word of precision, so
+ * we can do faster division if the remainder is not required.
+ */
+/* r := 2^len / m */
+static int
+BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx)
{
- int ret = 0;
- BIGNUM *a;
- const BIGNUM *ca;
+ int ret = -1;
+ BIGNUM *t;
BN_CTX_start(ctx);
- if ((a = BN_CTX_get(ctx)) == NULL)
+ if ((t = BN_CTX_get(ctx)) == NULL)
goto err;
- if (y != NULL) {
- if (x == y) {
- if (!BN_sqr(a, x, ctx))
- goto err;
- } else {
- if (!BN_mul(a, x, y, ctx))
- goto err;
- }
- ca = a;
- } else
- ca = x; /* Just do the mod */
- ret = BN_div_recp(NULL, r, ca, recp, ctx);
+ if (!BN_set_bit(t, len))
+ goto err;
+
+ if (!BN_div_ct(r, NULL, t,m, ctx))
+ goto err;
+
+ ret = len;
err:
BN_CTX_end(ctx);
@@ -231,28 +229,31 @@ err:
return (ret);
}
-/* len is the expected size of the result
- * We actually calculate with an extra word of precision, so
- * we can do faster division if the remainder is not required.
- */
-/* r := 2^len / m */
+
int
-BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx)
+BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
+ BN_RECP_CTX *recp, BN_CTX *ctx)
{
- int ret = -1;
- BIGNUM *t;
+ int ret = 0;
+ BIGNUM *a;
+ const BIGNUM *ca;
BN_CTX_start(ctx);
- if ((t = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_set_bit(t, len))
- goto err;
-
- if (!BN_div_ct(r, NULL, t,m, ctx))
+ if ((a = BN_CTX_get(ctx)) == NULL)
goto err;
+ if (y != NULL) {
+ if (x == y) {
+ if (!BN_sqr(a, x, ctx))
+ goto err;
+ } else {
+ if (!BN_mul(a, x, y, ctx))
+ goto err;
+ }
+ ca = a;
+ } else
+ ca = x; /* Just do the mod */
- ret = len;
+ ret = BN_div_recp(NULL, r, ca, recp, ctx);
err:
BN_CTX_end(ctx);
diff --git a/lib/libcrypto/ec/ec_lib.c b/lib/libcrypto/ec/ec_lib.c
index d961ad0ee49..a50b1e5633b 100644
--- a/lib/libcrypto/ec/ec_lib.c
+++ b/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.94 2025/01/05 16:07:08 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.103 2025/01/07 08:30:52 tb Exp $ */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
@@ -107,8 +107,7 @@ EC_GROUP_new(const EC_METHOD *meth)
goto err;
/*
- * generator and seed are optional. mont_ctx, mont_one are only for
- * curves using EC_GFp_mont_method()
+ * generator, seed and mont_ctx are optional.
*/
return group;
@@ -131,7 +130,6 @@ EC_GROUP_free(EC_GROUP *group)
BN_free(group->b);
BN_MONT_CTX_free(group->mont_ctx);
- BN_free(group->mont_one);
EC_POINT_free(group->generator);
BN_free(group->order);
@@ -150,44 +148,55 @@ EC_GROUP_clear_free(EC_GROUP *group)
LCRYPTO_ALIAS(EC_GROUP_clear_free);
int
-EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
+EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src)
{
- if (dest->meth->group_copy == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (dest->meth != src->meth) {
+ if (dst->meth != src->meth) {
ECerror(EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
- if (dest == src)
+ if (dst == src)
return 1;
- if (!dest->meth->group_copy(dest, src))
+ if (!bn_copy(dst->p, src->p))
+ return 0;
+ if (!bn_copy(dst->a, src->a))
+ return 0;
+ if (!bn_copy(dst->b, src->b))
return 0;
- EC_POINT_free(dest->generator);
- dest->generator = NULL;
+ dst->a_is_minus3 = src->a_is_minus3;
+
+ BN_MONT_CTX_free(dst->mont_ctx);
+ dst->mont_ctx = NULL;
+ if (src->mont_ctx != NULL) {
+ if ((dst->mont_ctx = BN_MONT_CTX_new()) == NULL)
+ return 0;
+ if (!BN_MONT_CTX_copy(dst->mont_ctx, src->mont_ctx))
+ return 0;
+ }
+
+ EC_POINT_free(dst->generator);
+ dst->generator = NULL;
if (src->generator != NULL) {
- if (!EC_GROUP_set_generator(dest, src->generator, src->order,
+ if (!EC_GROUP_set_generator(dst, src->generator, src->order,
src->cofactor))
return 0;
} else {
/* XXX - should do the sanity checks as in set_generator() */
- if (!bn_copy(dest->order, src->order))
+ if (!bn_copy(dst->order, src->order))
return 0;
- if (!bn_copy(dest->cofactor, src->cofactor))
+ if (!bn_copy(dst->cofactor, src->cofactor))
return 0;
}
- dest->nid = src->nid;
- dest->asn1_flag = src->asn1_flag;
- dest->asn1_form = src->asn1_form;
+ dst->nid = src->nid;
+ dst->asn1_flag = src->asn1_flag;
+ dst->asn1_form = src->asn1_form;
- if (!EC_GROUP_set_seed(dest, src->seed, src->seed_len))
+ if (!EC_GROUP_set_seed(dst, src->seed, src->seed_len))
return 0;
- return dest->meth->group_copy(dest, src);
+ return 1;
}
LCRYPTO_ALIAS(EC_GROUP_copy);
@@ -395,7 +404,7 @@ EC_GROUP_get0_order(const EC_GROUP *group)
int
EC_GROUP_order_bits(const EC_GROUP *group)
{
- return group->meth->group_order_bits(group);
+ return BN_num_bits(group->order);
}
LCRYPTO_ALIAS(EC_GROUP_order_bits);
@@ -583,11 +592,7 @@ LCRYPTO_ALIAS(EC_GROUP_new_curve_GFp);
int
EC_GROUP_get_degree(const EC_GROUP *group)
{
- if (group->meth->group_get_degree == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- return group->meth->group_get_degree(group);
+ return BN_num_bits(group->p);
}
LCRYPTO_ALIAS(EC_GROUP_get_degree);
@@ -595,6 +600,7 @@ int
EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx_in)
{
BN_CTX *ctx;
+ BIGNUM *p, *a, *b, *discriminant;
int ret = 0;
if ((ctx = ctx_in) == NULL)
@@ -602,11 +608,50 @@ EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx_in)
if (ctx == NULL)
goto err;
- if (group->meth->group_check_discriminant == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ BN_CTX_start(ctx);
+
+ if ((p = BN_CTX_get(ctx)) == NULL)
+ goto err;
+ if ((a = BN_CTX_get(ctx)) == NULL)
+ goto err;
+ if ((b = BN_CTX_get(ctx)) == NULL)
+ goto err;
+ if ((discriminant = BN_CTX_get(ctx)) == NULL)
+ goto err;
+
+ if (!EC_GROUP_get_curve(group, p, a, b, ctx))
+ goto err;
+
+ /*
+ * Check that the discriminant 4a^3 + 27b^2 is non-zero modulo p.
+ */
+
+ if (BN_is_zero(a) && BN_is_zero(b))
+ goto err;
+ if (BN_is_zero(a) || BN_is_zero(b))
+ goto done;
+
+ /* Compute the discriminant: first 4a^3, then 27b^2, then their sum. */
+ if (!BN_mod_sqr(discriminant, a, p, ctx))
+ goto err;
+ if (!BN_mod_mul(discriminant, discriminant, a, p, ctx))
+ goto err;
+ if (!BN_lshift(discriminant, discriminant, 2))
+ goto err;
+
+ if (!BN_mod_sqr(b, b, p, ctx))
+ goto err;
+ if (!BN_mul_word(b, 27))
+ goto err;
+
+ if (!BN_mod_add(discriminant, discriminant, b, p, ctx))
+ goto err;
+
+ if (BN_is_zero(discriminant))
goto err;
- }
- ret = group->meth->group_check_discriminant(group, ctx);
+
+ done:
+ ret = 1;
err:
if (ctx != ctx_in)
@@ -768,24 +813,6 @@ EC_GROUP_cmp(const EC_GROUP *group1, const EC_GROUP *group2, BN_CTX *ctx_in)
}
LCRYPTO_ALIAS(EC_GROUP_cmp);
-/*
- * Coordinate blinding for EC_POINT.
- *
- * The underlying EC_METHOD can optionally implement this function:
- * underlying implementations should return 0 on errors, or 1 on success.
- *
- * This wrapper returns 1 in case the underlying EC_METHOD does not support
- * coordinate blinding.
- */
-int
-ec_point_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx)
-{
- if (group->meth->blind_coordinates == NULL)
- return 1;
-
- return group->meth->blind_coordinates(group, p, ctx);
-}
-
EC_POINT *
EC_POINT_new(const EC_GROUP *group)
{
@@ -841,22 +868,22 @@ EC_POINT_clear_free(EC_POINT *point)
LCRYPTO_ALIAS(EC_POINT_clear_free);
int
-EC_POINT_copy(EC_POINT *dest, const EC_POINT *src)
+EC_POINT_copy(EC_POINT *dst, const EC_POINT *src)
{
- if (dest->meth != src->meth) {
+ if (dst->meth != src->meth) {
ECerror(EC_R_INCOMPATIBLE_OBJECTS);
return 0;
}
- if (dest == src)
+ if (dst == src)
return 1;
- if (!bn_copy(dest->X, src->X))
+ if (!bn_copy(dst->X, src->X))
return 0;
- if (!bn_copy(dest->Y, src->Y))
+ if (!bn_copy(dst->Y, src->Y))
return 0;
- if (!bn_copy(dest->Z, src->Z))
+ if (!bn_copy(dst->Z, src->Z))
return 0;
- dest->Z_is_one = src->Z_is_one;
+ dst->Z_is_one = src->Z_is_one;
return 1;
}
@@ -908,90 +935,6 @@ EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
LCRYPTO_ALIAS(EC_POINT_set_to_infinity);
int
-EC_POINT_set_Jprojective_coordinates(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth->point_set_Jprojective_coordinates == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto err;
- }
- if (group->meth != point->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- goto err;
- }
- if (!group->meth->point_set_Jprojective_coordinates(group, point,
- x, y, z, ctx))
- goto err;
-
- if (EC_POINT_is_on_curve(group, point, ctx) <= 0) {
- ECerror(EC_R_POINT_IS_NOT_ON_CURVE);
- goto err;
- }
-
- ret = 1;
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-
-int
-EC_POINT_get_Jprojective_coordinates(const EC_GROUP *group,
- const EC_POINT *point, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth->point_get_Jprojective_coordinates == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto err;
- }
- if (group->meth != point->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- goto err;
- }
- ret = group->meth->point_get_Jprojective_coordinates(group, point,
- x, y, z, ctx);
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-
-int
-EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx)
-{
- return EC_POINT_set_Jprojective_coordinates(group, point, x, y, z, ctx);
-}
-LCRYPTO_ALIAS(EC_POINT_set_Jprojective_coordinates_GFp);
-
-int
-EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *point, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx)
-{
- return EC_POINT_get_Jprojective_coordinates(group, point, x, y, z, ctx);
-}
-LCRYPTO_ALIAS(EC_POINT_get_Jprojective_coordinates_GFp);
-
-int
EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *point,
const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx_in)
{
@@ -1461,8 +1404,25 @@ EC_GROUP_have_precompute_mult(const EC_GROUP *group)
}
LCRYPTO_ALIAS(EC_GROUP_have_precompute_mult);
+/*
+ * XXX - remove everything below in the next bump
+ */
+
int
-ec_group_simple_order_bits(const EC_GROUP *group)
+EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
+ const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx)
{
- return BN_num_bits(group->order);
+ ECerror(ERR_R_DISABLED);
+ return 0;
}
+LCRYPTO_ALIAS(EC_POINT_set_Jprojective_coordinates_GFp);
+
+int
+EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+ const EC_POINT *point, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx)
+{
+ ECerror(ERR_R_DISABLED);
+ return 0;
+}
+LCRYPTO_ALIAS(EC_POINT_get_Jprojective_coordinates_GFp);
+
diff --git a/lib/libcrypto/ec/ec_local.h b/lib/libcrypto/ec/ec_local.h
index 0d734351de3..59499089911 100644
--- a/lib/libcrypto/ec/ec_local.h
+++ b/lib/libcrypto/ec/ec_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_local.h,v 1.46 2025/01/05 16:07:08 tb Exp $ */
+/* $OpenBSD: ec_local.h,v 1.54 2025/01/07 08:52:17 tb Exp $ */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
@@ -88,21 +88,11 @@ __BEGIN_HIDDEN_DECLS
struct ec_method_st {
int field_type;
- int (*group_copy)(EC_GROUP *, const EC_GROUP *);
-
int (*group_set_curve)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *);
int (*group_get_curve)(const EC_GROUP *, BIGNUM *p, BIGNUM *a,
BIGNUM *b, BN_CTX *);
- int (*group_get_degree)(const EC_GROUP *);
- int (*group_order_bits)(const EC_GROUP *);
- int (*group_check_discriminant)(const EC_GROUP *, BN_CTX *);
-
- int (*point_set_Jprojective_coordinates)(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
- int (*point_get_Jprojective_coordinates)(const EC_GROUP *,
- const EC_POINT *, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
int (*point_set_affine_coordinates)(const EC_GROUP *, EC_POINT *,
const BIGNUM *x, const BIGNUM *y, BN_CTX *);
int (*point_get_affine_coordinates)(const EC_GROUP *, const EC_POINT *,
@@ -146,10 +136,6 @@ struct ec_method_st {
BN_CTX *);
int (*field_decode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
BN_CTX *);
-
- int (*field_set_to_one)(const EC_GROUP *, BIGNUM *r, BN_CTX *);
- int (*blind_coordinates)(const EC_GROUP *group, EC_POINT *p,
- BN_CTX *ctx);
} /* EC_METHOD */;
struct ec_group_st {
@@ -174,11 +160,6 @@ struct ec_group_st {
size_t seed_len;
/*
- * Internal methods and members. Handled by the method functions, even
- * if they appear to be generic.
- */
-
- /*
* Coefficients of the Weierstrass equation y^2 = x^3 + a*x + b (mod p).
*/
BIGNUM *p;
@@ -188,30 +169,10 @@ struct ec_group_st {
/* Enables optimized point arithmetics for special case. */
int a_is_minus3;
- /* Montgomery context and values used by EC_GFp_mont_method. */
+ /* Montgomery context used by EC_GFp_mont_method. */
BN_MONT_CTX *mont_ctx;
- BIGNUM *mont_one;
} /* EC_GROUP */;
-struct ec_key_st {
- const EC_KEY_METHOD *meth;
-
- int version;
-
- EC_GROUP *group;
-
- EC_POINT *pub_key;
- BIGNUM *priv_key;
-
- unsigned int enc_flag;
- point_conversion_form_t conv_form;
-
- int references;
- int flags;
-
- CRYPTO_EX_DATA ex_data;
-} /* EC_KEY */;
-
struct ec_point_st {
const EC_METHOD *meth;
@@ -229,10 +190,20 @@ struct ec_point_st {
int ec_wnaf_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *m,
const EC_POINT *point, const BIGNUM *n, BN_CTX *ctx);
-int ec_group_simple_order_bits(const EC_GROUP *group);
-int ec_point_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx);
+int ec_group_is_builtin_curve(const EC_GROUP *group, int *out_nid);
+int ec_group_get_field_type(const EC_GROUP *group);
-/* EC_METHOD definitions */
+/*
+ * Wrappers around the unergonomic EC_POINT_{oct2point,point2oct}().
+ */
+int ec_point_from_octets(const EC_GROUP *group, const unsigned char *buf,
+ size_t buf_len, EC_POINT **out_point, uint8_t *out_form, BN_CTX *ctx_in);
+int ec_point_to_octets(const EC_GROUP *group, const EC_POINT *point, int form,
+ unsigned char **out_buf, size_t *len, BN_CTX *ctx_in);
+
+/* Public API in OpenSSL */
+const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
struct ec_key_method_st {
const char *name;
@@ -262,6 +233,25 @@ struct ec_key_method_st {
#define EC_KEY_METHOD_DYNAMIC 1
+struct ec_key_st {
+ const EC_KEY_METHOD *meth;
+
+ int version;
+
+ EC_GROUP *group;
+
+ EC_POINT *pub_key;
+ BIGNUM *priv_key;
+
+ unsigned int enc_flag;
+ point_conversion_form_t conv_form;
+
+ int references;
+ int flags;
+
+ CRYPTO_EX_DATA ex_data;
+} /* EC_KEY */;
+
int eckey_compute_pubkey(EC_KEY *eckey);
int ec_key_gen(EC_KEY *eckey);
int ecdh_compute_key(unsigned char **out, size_t *out_len,
@@ -277,24 +267,4 @@ int ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z,
size_t Zlen, const unsigned char *sinfo, size_t sinfolen, const EVP_MD *md);
-int EC_POINT_set_Jprojective_coordinates(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
-int EC_POINT_get_Jprojective_coordinates(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
-
-int ec_group_is_builtin_curve(const EC_GROUP *group, int *out_nid);
-int ec_group_get_field_type(const EC_GROUP *group);
-
-/*
- * Wrappers around the unergonomic EC_POINT_{oct2point,point2oct}().
- */
-int ec_point_from_octets(const EC_GROUP *group, const unsigned char *buf,
- size_t buf_len, EC_POINT **out_point, uint8_t *out_form, BN_CTX *ctx_in);
-int ec_point_to_octets(const EC_GROUP *group, const EC_POINT *point, int form,
- unsigned char **out_buf, size_t *len, BN_CTX *ctx_in);
-
-/* Public API in OpenSSL */
-const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
-const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
-
__END_HIDDEN_DECLS
diff --git a/lib/libcrypto/ec/ecp_methods.c b/lib/libcrypto/ec/ecp_methods.c
index b2ecc7e17a5..9593428870f 100644
--- a/lib/libcrypto/ec/ecp_methods.c
+++ b/lib/libcrypto/ec/ecp_methods.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_methods.c,v 1.18 2025/01/05 16:07:08 tb Exp $ */
+/* $OpenBSD: ecp_methods.c,v 1.26 2025/01/07 08:30:52 tb Exp $ */
/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
* for the OpenSSL project.
* Includes code written by Bodo Moeller for the OpenSSL project.
@@ -85,21 +85,6 @@
*/
static int
-ec_group_copy(EC_GROUP *dest, const EC_GROUP *src)
-{
- if (!bn_copy(dest->p, src->p))
- return 0;
- if (!bn_copy(dest->a, src->a))
- return 0;
- if (!bn_copy(dest->b, src->b))
- return 0;
-
- dest->a_is_minus3 = src->a_is_minus3;
-
- return 1;
-}
-
-static int
ec_decode_scalar(const EC_GROUP *group, BIGNUM *bn, const BIGNUM *x, BN_CTX *ctx)
{
if (bn == NULL)
@@ -124,23 +109,6 @@ ec_encode_scalar(const EC_GROUP *group, BIGNUM *bn, const BIGNUM *x, BN_CTX *ctx
}
static int
-ec_encode_z_coordinate(const EC_GROUP *group, BIGNUM *bn, int *is_one,
- const BIGNUM *z, BN_CTX *ctx)
-{
- if (!BN_nnmod(bn, z, group->p, ctx))
- return 0;
-
- *is_one = BN_is_one(bn);
- if (*is_one && group->meth->field_set_to_one != NULL)
- return group->meth->field_set_to_one(group, bn, ctx);
-
- if (group->meth->field_encode != NULL)
- return group->meth->field_encode(group, bn, bn, ctx);
-
- return 1;
-}
-
-static int
ec_group_set_curve(EC_GROUP *group,
const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
{
@@ -199,111 +167,23 @@ ec_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
}
static int
-ec_group_get_degree(const EC_GROUP *group)
-{
- return BN_num_bits(group->p);
-}
-
-static int
-ec_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
+ec_point_set_affine_coordinates(const EC_GROUP *group, EC_POINT *point,
+ const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx)
{
- BIGNUM *p, *a, *b, *discriminant;
int ret = 0;
- BN_CTX_start(ctx);
-
- if ((p = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((a = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((b = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((discriminant = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!EC_GROUP_get_curve(group, p, a, b, ctx))
- goto err;
-
- /*
- * Check that the discriminant 4a^3 + 27b^2 is non-zero modulo p.
- */
-
- if (BN_is_zero(a) && BN_is_zero(b))
- goto err;
- if (BN_is_zero(a) || BN_is_zero(b))
- goto done;
-
- /* Compute the discriminant: first 4a^3, then 27b^2, then their sum. */
- if (!BN_mod_sqr(discriminant, a, p, ctx))
- goto err;
- if (!BN_mod_mul(discriminant, discriminant, a, p, ctx))
- goto err;
- if (!BN_lshift(discriminant, discriminant, 2))
- goto err;
-
- if (!BN_mod_sqr(b, b, p, ctx))
- goto err;
- if (!BN_mul_word(b, 27))
- goto err;
-
- if (!BN_mod_add(discriminant, discriminant, b, p, ctx))
- goto err;
-
- if (BN_is_zero(discriminant))
+ if (x == NULL || y == NULL) {
+ ECerror(ERR_R_PASSED_NULL_PARAMETER);
goto err;
-
- done:
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-static int
-ec_set_Jprojective_coordinates(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx)
-{
- int ret = 0;
-
- /*
- * Setting individual coordinates allows the creation of bad points.
- * EC_POINT_set_Jprojective_coordinates() checks at the API boundary.
- */
-
- if (x != NULL) {
- if (!ec_encode_scalar(group, point->X, x, ctx))
- goto err;
- }
- if (y != NULL) {
- if (!ec_encode_scalar(group, point->Y, y, ctx))
- goto err;
- }
- if (z != NULL) {
- if (!ec_encode_z_coordinate(group, point->Z, &point->Z_is_one,
- z, ctx))
- goto err;
}
- ret = 1;
-
- err:
- return ret;
-}
-
-static int
-ec_get_Jprojective_coordinates(const EC_GROUP *group, const EC_POINT *point,
- BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx)
-{
- int ret = 0;
-
- if (!ec_decode_scalar(group, x, point->X, ctx))
+ if (!ec_encode_scalar(group, point->X, x, ctx))
goto err;
- if (!ec_decode_scalar(group, y, point->Y, ctx))
+ if (!ec_encode_scalar(group, point->Y, y, ctx))
goto err;
- if (!ec_decode_scalar(group, z, point->Z, ctx))
+ if (!ec_encode_scalar(group, point->Z, BN_value_one(), ctx))
goto err;
+ point->Z_is_one = 1;
ret = 1;
@@ -312,19 +192,6 @@ ec_get_Jprojective_coordinates(const EC_GROUP *group, const EC_POINT *point,
}
static int
-ec_point_set_affine_coordinates(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx)
-{
- if (x == NULL || y == NULL) {
- /* unlike for projective coordinates, we do not tolerate this */
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- return EC_POINT_set_Jprojective_coordinates(group, point, x, y,
- BN_value_one(), ctx);
-}
-
-static int
ec_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point,
BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
{
@@ -344,7 +211,10 @@ ec_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point,
if ((Z_3 = BN_CTX_get(ctx)) == NULL)
goto err;
- /* Convert from projective coordinates (X, Y, Z) into (X/Z^2, Y/Z^3). */
+ /*
+ * Convert from Jacobian projective coordinates (X, Y, Z) into
+ * (X/Z^2, Y/Z^3).
+ */
if (!ec_decode_scalar(group, z, point->Z, ctx))
goto err;
@@ -1058,7 +928,7 @@ ec_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[],
BN_CTX *ctx)
{
BIGNUM **prod_Z = NULL;
- BIGNUM *tmp, *tmp_Z;
+ BIGNUM *one, *tmp, *tmp_Z;
size_t i;
int ret = 0;
@@ -1067,11 +937,16 @@ ec_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[],
BN_CTX_start(ctx);
+ if ((one = BN_CTX_get(ctx)) == NULL)
+ goto err;
if ((tmp = BN_CTX_get(ctx)) == NULL)
goto err;
if ((tmp_Z = BN_CTX_get(ctx)) == NULL)
goto err;
+ if (!ec_encode_scalar(group, one, BN_value_one(), ctx))
+ goto err;
+
if ((prod_Z = calloc(num, sizeof *prod_Z)) == NULL)
goto err;
for (i = 0; i < num; i++) {
@@ -1088,13 +963,8 @@ ec_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[],
if (!bn_copy(prod_Z[0], points[0]->Z))
goto err;
} else {
- if (group->meth->field_set_to_one != NULL) {
- if (!group->meth->field_set_to_one(group, prod_Z[0], ctx))
- goto err;
- } else {
- if (!BN_one(prod_Z[0]))
- goto err;
- }
+ if (!bn_copy(prod_Z[0], one))
+ goto err;
}
for (i = 1; i < num; i++) {
@@ -1173,13 +1043,8 @@ ec_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[],
if (!group->meth->field_mul(group, p->Y, p->Y, tmp, ctx))
goto err;
- if (group->meth->field_set_to_one != NULL) {
- if (!group->meth->field_set_to_one(group, p->Z, ctx))
- goto err;
- } else {
- if (!BN_one(p->Z))
- goto err;
- }
+ if (!bn_copy(p->Z, one))
+ goto err;
p->Z_is_one = 1;
}
@@ -1206,7 +1071,7 @@ ec_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
}
/*
- * Apply randomization of EC point projective coordinates:
+ * Apply randomization of EC point Jacobian projective coordinates:
*
* (X, Y, Z) = (lambda^2 * X, lambda^3 * Y, lambda * Z)
*
@@ -1387,7 +1252,7 @@ ec_mul_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
* Apply coordinate blinding for EC_POINT if the underlying EC_METHOD
* implements it.
*/
- if (!ec_point_blind_coordinates(group, s, ctx))
+ if (!ec_blind_coordinates(group, s, ctx))
goto err;
/* top bit is a 1, in a fixed pos */
@@ -1508,81 +1373,35 @@ ec_mul_double_nonct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
return ec_wnaf_mul(group, r, g_scalar, point, p_scalar, ctx);
}
-static void
-ec_mont_group_clear(EC_GROUP *group)
-{
- BN_MONT_CTX_free(group->mont_ctx);
- group->mont_ctx = NULL;
-
- BN_free(group->mont_one);
- group->mont_one = NULL;
-}
-
-static int
-ec_mont_group_copy(EC_GROUP *dest, const EC_GROUP *src)
-{
- ec_mont_group_clear(dest);
-
- if (!ec_group_copy(dest, src))
- return 0;
-
- if (src->mont_ctx != NULL) {
- dest->mont_ctx = BN_MONT_CTX_new();
- if (dest->mont_ctx == NULL)
- return 0;
- if (!BN_MONT_CTX_copy(dest->mont_ctx, src->mont_ctx))
- goto err;
- }
- if (src->mont_one != NULL) {
- dest->mont_one = BN_dup(src->mont_one);
- if (dest->mont_one == NULL)
- goto err;
- }
- return 1;
-
- err:
- if (dest->mont_ctx != NULL) {
- BN_MONT_CTX_free(dest->mont_ctx);
- dest->mont_ctx = NULL;
- }
- return 0;
-}
-
static int
ec_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *ctx)
{
BN_MONT_CTX *mont = NULL;
- BIGNUM *one = NULL;
int ret = 0;
- ec_mont_group_clear(group);
+ BN_MONT_CTX_free(group->mont_ctx);
+ group->mont_ctx = NULL;
- mont = BN_MONT_CTX_new();
- if (mont == NULL)
+ if ((mont = BN_MONT_CTX_new()) == NULL)
goto err;
if (!BN_MONT_CTX_set(mont, p, ctx)) {
ECerror(ERR_R_BN_LIB);
goto err;
}
- one = BN_new();
- if (one == NULL)
- goto err;
- if (!BN_to_montgomery(one, BN_value_one(), mont, ctx))
- goto err;
-
group->mont_ctx = mont;
mont = NULL;
- group->mont_one = one;
- one = NULL;
- ret = ec_group_set_curve(group, p, a, b, ctx);
- if (!ret)
- ec_mont_group_clear(group);
+ if (!ec_group_set_curve(group, p, a, b, ctx)) {
+ BN_MONT_CTX_free(group->mont_ctx);
+ group->mont_ctx = NULL;
+ goto err;
+ }
+
+ ret = 1;
err:
BN_MONT_CTX_free(mont);
- BN_free(one);
return ret;
}
@@ -1631,29 +1450,10 @@ ec_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
return BN_from_montgomery(r, a, group->mont_ctx, ctx);
}
-static int
-ec_mont_field_set_to_one(const EC_GROUP *group, BIGNUM *r, BN_CTX *ctx)
-{
- if (group->mont_one == NULL) {
- ECerror(EC_R_NOT_INITIALIZED);
- return 0;
- }
- if (!bn_copy(r, group->mont_one))
- return 0;
-
- return 1;
-}
-
static const EC_METHOD ec_GFp_simple_method = {
.field_type = NID_X9_62_prime_field,
- .group_copy = ec_group_copy,
.group_set_curve = ec_group_set_curve,
.group_get_curve = ec_group_get_curve,
- .group_get_degree = ec_group_get_degree,
- .group_order_bits = ec_group_simple_order_bits,
- .group_check_discriminant = ec_group_check_discriminant,
- .point_set_Jprojective_coordinates = ec_set_Jprojective_coordinates,
- .point_get_Jprojective_coordinates = ec_get_Jprojective_coordinates,
.point_set_affine_coordinates = ec_point_set_affine_coordinates,
.point_get_affine_coordinates = ec_point_get_affine_coordinates,
.point_set_compressed_coordinates = ec_set_compressed_coordinates,
@@ -1669,7 +1469,6 @@ static const EC_METHOD ec_GFp_simple_method = {
.mul_double_nonct = ec_mul_double_nonct,
.field_mul = ec_field_mul,
.field_sqr = ec_field_sqr,
- .blind_coordinates = ec_blind_coordinates,
};
const EC_METHOD *
@@ -1681,14 +1480,8 @@ LCRYPTO_ALIAS(EC_GFp_simple_method);
static const EC_METHOD ec_GFp_mont_method = {
.field_type = NID_X9_62_prime_field,
- .group_copy = ec_mont_group_copy,
.group_set_curve = ec_mont_group_set_curve,
.group_get_curve = ec_group_get_curve,
- .group_get_degree = ec_group_get_degree,
- .group_order_bits = ec_group_simple_order_bits,
- .group_check_discriminant = ec_group_check_discriminant,
- .point_set_Jprojective_coordinates = ec_set_Jprojective_coordinates,
- .point_get_Jprojective_coordinates = ec_get_Jprojective_coordinates,
.point_set_affine_coordinates = ec_point_set_affine_coordinates,
.point_get_affine_coordinates = ec_point_get_affine_coordinates,
.point_set_compressed_coordinates = ec_set_compressed_coordinates,
@@ -1706,8 +1499,6 @@ static const EC_METHOD ec_GFp_mont_method = {
.field_sqr = ec_mont_field_sqr,
.field_encode = ec_mont_field_encode,
.field_decode = ec_mont_field_decode,
- .field_set_to_one = ec_mont_field_set_to_one,
- .blind_coordinates = ec_blind_coordinates,
};
const EC_METHOD *
diff --git a/lib/libcrypto/man/X509_NAME_print_ex.3 b/lib/libcrypto/man/X509_NAME_print_ex.3
index 8024d8380d5..f1b3262f2a9 100644
--- a/lib/libcrypto/man/X509_NAME_print_ex.3
+++ b/lib/libcrypto/man/X509_NAME_print_ex.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509_NAME_print_ex.3,v 1.12 2021/11/11 15:58:49 schwarze Exp $
+.\" $OpenBSD: X509_NAME_print_ex.3,v 1.14 2025/01/08 00:08:02 tb Exp $
.\" full merge up to: OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400
.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
.\"
@@ -50,7 +50,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: November 11 2021 $
+.Dd $Mdocdate: January 8 2025 $
.Dt X509_NAME_PRINT_EX 3
.Os
.Sh NAME
@@ -131,12 +131,11 @@ is returned.
prints out
.Fa name
to
-.Fa bp
-indenting each line by
+.Fa bp .
+The
.Fa obase
-characters.
-Multiple lines are used if the output (including indent) exceeds 80
-characters.
+argument is intended to indent the output,
+it is however ignored.
.Pp
The functions
.Fn X509_NAME_oneline
diff --git a/lib/libcrypto/pkcs12/p12_kiss.c b/lib/libcrypto/pkcs12/p12_kiss.c
index 48bbd137c6a..e4de2eb61c9 100644
--- a/lib/libcrypto/pkcs12/p12_kiss.c
+++ b/lib/libcrypto/pkcs12/p12_kiss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p12_kiss.c,v 1.27 2023/02/16 08:38:17 tb Exp $ */
+/* $OpenBSD: p12_kiss.c,v 1.28 2025/01/06 23:35:25 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
@@ -77,7 +77,7 @@ static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen,
/* Parse and decrypt a PKCS#12 structure returning user key, user cert
* and other (CA) certs. Note either ca should be NULL, *ca should be NULL,
* or it should point to a valid STACK structure. pkey and cert can be
- * passed unitialised.
+ * passed uninitialised.
*/
int
diff --git a/lib/libcrypto/ts/ts_lib.c b/lib/libcrypto/ts/ts_lib.c
index 1e94922aa19..7e401017529 100644
--- a/lib/libcrypto/ts/ts_lib.c
+++ b/lib/libcrypto/ts/ts_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_lib.c,v 1.14 2023/07/07 07:25:21 beck Exp $ */
+/* $OpenBSD: ts_lib.c,v 1.15 2025/01/07 14:22:19 tb Exp $ */
/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
* project 2002.
*/
@@ -74,20 +74,25 @@
int
TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num)
{
- BIGNUM num_bn;
- int result = 0;
- char *hex;
-
- BN_init(&num_bn);
- ASN1_INTEGER_to_BN(num, &num_bn);
- if ((hex = BN_bn2hex(&num_bn))) {
- result = BIO_write(bio, "0x", 2) > 0;
- result = result && BIO_write(bio, hex, strlen(hex)) > 0;
- free(hex);
- }
- BN_free(&num_bn);
+ BIGNUM *bn = NULL;
+ char *hex = NULL;
+ int ret = 0;
+
+ /* XXX - OpenSSL decided to return -1 here for some stupid reason. */
+ if ((bn = ASN1_INTEGER_to_BN(num, NULL)) == NULL)
+ goto err;
+ if ((hex = BN_bn2hex(bn)) == NULL)
+ goto err;
+ if (BIO_printf(bio, "0x%s", hex) <= 0)
+ goto err;
+
+ ret = 1;
+
+ err:
+ BN_free(bn);
+ free(hex);
- return result;
+ return ret;
}
LCRYPTO_ALIAS(TS_ASN1_INTEGER_print_bio);
diff --git a/lib/libcrypto/x509/x509_policy.c b/lib/libcrypto/x509/x509_policy.c
index 2208f3f018e..4321a9669d6 100644
--- a/lib/libcrypto/x509/x509_policy.c
+++ b/lib/libcrypto/x509/x509_policy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_policy.c,v 1.28 2024/11/14 18:47:31 tb Exp $ */
+/* $OpenBSD: x509_policy.c,v 1.29 2025/01/06 17:42:39 tb Exp $ */
/*
* Copyright (c) 2022, Google Inc.
*
@@ -398,7 +398,7 @@ process_certificate_policies(const X509 *x509, X509_POLICY_LEVEL *level,
/*
* This does the same thing as RFC 5280, section 6.1.3, step (d),
- * though in a slighty different order. |level| currently contains
+ * though in a slightly different order. |level| currently contains
* "expected_policy_set" values of the previous level.
* See |process_policy_mappings| for details.
*/
diff --git a/regress/lib/libcrypto/ec/ectest.c b/regress/lib/libcrypto/ec/ectest.c
index 973202700d1..48f05eeeee2 100644
--- a/regress/lib/libcrypto/ec/ectest.c
+++ b/regress/lib/libcrypto/ec/ectest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ectest.c,v 1.25 2025/01/06 10:42:28 tb Exp $ */
+/* $OpenBSD: ectest.c,v 1.26 2025/01/06 10:43:26 tb Exp $ */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
@@ -324,7 +324,7 @@ prime_field_tests(void)
if (!EC_POINT_get_affine_coordinates(group, R, x, y, ctx))
ABORT;
- fprintf(stdout, "\nAn inverse of that generator:\n X = 0x");
+ fprintf(stdout, "\nThe inverse of that generator:\n X = 0x");
BN_print_fp(stdout, x);
fprintf(stdout, ", Y = 0x");
BN_print_fp(stdout, y);
diff --git a/regress/sys/kern/sosplice/tcp/args-unsplice-forked.pl b/regress/sys/kern/sosplice/tcp/args-unsplice-forked.pl
index d1ef5490a75..e9d715617d3 100644
--- a/regress/sys/kern/sosplice/tcp/args-unsplice-forked.pl
+++ b/regress/sys/kern/sosplice/tcp/args-unsplice-forked.pl
@@ -17,8 +17,10 @@ our %args = (
or die "relay func: fork failed: $!";
if ($pid == 0) {
sleep 2;
- setsplice(\*STDIN)
- or die ref($self), " unsplice stdin failed: $!";
+ if ($self->{forward} =~ /splice/) {
+ setsplice(\*STDIN)
+ or die ref($self), " unsplice stdin failed: $!";
+ }
POSIX::_exit(0);
}
sleep 1;
diff --git a/regress/sys/netinet/tcpthread/Makefile b/regress/sys/netinet/tcpthread/Makefile
index 82258320bdc..b93669538aa 100644
--- a/regress/sys/netinet/tcpthread/Makefile
+++ b/regress/sys/netinet/tcpthread/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.1.1.1 2025/01/06 00:01:18 bluhm Exp $
+# $OpenBSD: Makefile,v 1.2 2025/01/06 22:25:38 bluhm Exp $
PROG= tcpthread
LDADD= -lpthread
@@ -19,7 +19,7 @@ run-sock100:
REGRESS_TARGETS += run-splice
run-splice:
- time ${KTRACE} ./${PROG} -n10 -S1
+ time ${KTRACE} ./${PROG} -n10 -S2
REGRESS_TARGETS += run-unsplice
run-unsplice:
@@ -33,4 +33,14 @@ REGRESS_TARGETS += run-idle
run-idle:
time ${KTRACE} ./${PROG} -n10 -S4 -I100 -s2 -r2
+REGRESS_ROOT_TARGETS += run-drop
+REGRESS_TARGETS += run-drop
+run-drop:
+ time ${SUDO} ${KTRACE} ./${PROG} -n10 -D3 -o0
+
+REGRESS_ROOT_TARGETS += run-splicedrop
+REGRESS_TARGETS += run-splicedrop
+run-splicedrop:
+ time ${SUDO} ${KTRACE} ./${PROG} -n10 -S2 -D3 -o0
+
.include <bsd.regress.mk>
diff --git a/regress/sys/netinet/tcpthread/README b/regress/sys/netinet/tcpthread/README
index 4dd7723a802..19527c5a290 100644
--- a/regress/sys/netinet/tcpthread/README
+++ b/regress/sys/netinet/tcpthread/README
@@ -3,4 +3,5 @@ Spawn multiple threads and run system calls on TCP socket in parallel.
Setup TCP connections on localhost and run system calls connect(2),
accept(2), send(2), recv(2), and close(2) in parallel. In addition
stress test for socket splicing, unsplice, max length and idle
-timeout can run. The successful operations are counted.
+timeout can run. Alternatively to close(2) the tcp drop sysctl(2)
+can be used. The successful operations are counted.
diff --git a/regress/sys/netinet/tcpthread/tcpthread.c b/regress/sys/netinet/tcpthread/tcpthread.c
index bd3dbdc078a..8221f6bd672 100644
--- a/regress/sys/netinet/tcpthread/tcpthread.c
+++ b/regress/sys/netinet/tcpthread/tcpthread.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tcpthread.c,v 1.1.1.1 2025/01/06 00:01:18 bluhm Exp $ */
+/* $OpenBSD: tcpthread.c,v 1.2 2025/01/06 22:25:38 bluhm Exp $ */
/*
* Copyright (c) 2025 Alexander Bluhm <bluhm@openbsd.org>
@@ -18,9 +18,14 @@
#include <sys/types.h>
#include <sys/atomic.h>
+#include <sys/queue.h>
#include <sys/socket.h>
+#include <sys/sysctl.h>
#include <netinet/in.h>
+#include <netinet/tcp.h>
+#include <netinet/tcp_timer.h>
+#include <netinet/tcp_var.h>
#include <err.h>
#include <errno.h>
@@ -31,8 +36,6 @@
#include <string.h>
#include <unistd.h>
-#define MAXIMUM(a, b) ((a) > (b) ? (a) : (b))
-
static const struct timespec time_1000ns = { 0, 1000 };
static const struct timeval time_1us = { 0, 1 };
@@ -42,20 +45,17 @@ union sockaddr_union {
struct sockaddr_in6 su_sin6;
};
-union inaddr_union {
- struct in_addr au_inaddr;
- struct in6_addr au_in6addr;
-};
-
unsigned int run_time = 10;
unsigned int sock_num = 1;
unsigned int connect_num = 1, accept_num = 1, send_num = 1, recv_num = 1,
- close_num = 1, splice_num = 0, unsplice_num = 0;
+ close_num = 1, splice_num = 0, unsplice_num = 0, drop_num = 0;
int max_percent = 0, idle_percent = 0;
volatile unsigned long max_count = 0, idle_count = 0;
-volatile int *listen_socks, *connect_socks, *accept_socks,
- *splice_listen_socks, *splice_accept_socks, *splice_connect_socks;
-union sockaddr_union *listen_addrs, *splice_addrs;
+int *listen_socks, *splice_listen_socks;
+volatile int *connect_socks, *accept_socks,
+ *splice_accept_socks, *splice_connect_socks;
+union sockaddr_union *listen_addrs, *splice_listen_addrs;
+struct tcp_ident_mapping *accept_tims, *splice_accept_tims;
struct sockaddr_in sin_loopback;
struct sockaddr_in6 sin6_loopback;
@@ -63,11 +63,12 @@ static void __dead
usage(void)
{
fprintf(stderr,
- "tcpthread [-a accept] [-c connect] [-I idle] [-M max] [-n num] "
- "[-o close] [-r recv] [-S splice] [-s send] [-t time] "
+ "tcpthread [-a accept] [-c connect] [-D drop] [-I idle] [-M max] "
+ "[-n num] [-o close] [-r recv] [-S splice] [-s send] [-t time] "
"[-U unsplice]\n"
" -a accept threads accepting sockets, default %u\n"
" -c connect threads connecting sockets, default %u\n"
+ " -D drop threads dropping TCP connections, default %u\n"
" -I idle percent with splice idle time, default %u\n"
" -M max percent with splice max lenght, default %d\n"
" -n num number of file descriptors, default %d\n"
@@ -77,8 +78,9 @@ usage(void)
" -s send threads sending data, default %u\n"
" -t time run time in seconds, default %u\n"
" -U unsplice threads running unsplice, default %u\n",
- accept_num, connect_num, idle_percent, max_percent, sock_num,
- close_num, recv_num, splice_num, send_num, run_time, unsplice_num);
+ accept_num, connect_num, drop_num, idle_percent, max_percent,
+ sock_num, close_num, recv_num, splice_num, send_num, run_time,
+ unsplice_num);
exit(2);
}
@@ -140,7 +142,8 @@ connect_routine(void *arg)
while (*run) {
connected = 0;
for (n = 0; n < sock_num; n++) {
- addr = &((splice_num > 0) ? splice_addrs : listen_addrs)
+ addr = &((splice_num > 0) ?
+ splice_listen_addrs : listen_addrs)
[rand_r(&seed) % sock_num].su_sa;
if (!connect_socket(&connect_socks[n], addr))
continue;
@@ -158,10 +161,13 @@ connect_routine(void *arg)
}
static int
-accept_socket(volatile int *acceptp, volatile int *listens)
+accept_socket(volatile int *acceptp, int *listens,
+ struct tcp_ident_mapping *tim, union sockaddr_union *addrs)
{
unsigned int i;
int sock;
+ struct sockaddr *sa;
+ socklen_t len;
if (*acceptp != -1) {
/* still accepted, not closed */
@@ -169,7 +175,9 @@ accept_socket(volatile int *acceptp, volatile int *listens)
}
sock = -1;
for (i = 0; i < sock_num; i++) {
- sock = accept4(listens[i], NULL, NULL, SOCK_NONBLOCK);
+ sa = (struct sockaddr *)&tim->faddr;
+ len = sizeof(tim->faddr);
+ sock = accept4(listens[i], sa, &len, SOCK_NONBLOCK);
if (sock < 0) {
if (errno == EWOULDBLOCK) {
/* no connection to accept */
@@ -177,6 +185,8 @@ accept_socket(volatile int *acceptp, volatile int *listens)
}
err(1, "%s: accept %d", __func__, listens[i]);
}
+ sa = &addrs[i].su_sa;
+ memcpy(&tim->laddr, sa, sa->sa_len);
break;
}
if (sock == -1) {
@@ -185,6 +195,7 @@ accept_socket(volatile int *acceptp, volatile int *listens)
err(1, "%s: nanosleep", __func__);
return 0;
}
+ membar_producer();
if ((int)atomic_cas_uint(acceptp, -1, sock) != -1) {
/* another thread has accepted slot n */
if (close(sock) < 0)
@@ -205,7 +216,8 @@ accept_routine(void *arg)
while (*run) {
accepted = 0;
for (n = 0; n < sock_num; n++) {
- if (!accept_socket(&accept_socks[n], listen_socks))
+ if (!accept_socket(&accept_socks[n], listen_socks,
+ &accept_tims[n], listen_addrs))
continue;
accepted = 1;
count++;
@@ -344,7 +356,8 @@ splice_routine(void *arg)
spliced = 0;
for (n = 0; n < sock_num; n++) {
if (!accept_socket(&splice_accept_socks[n],
- splice_listen_socks))
+ splice_listen_socks,
+ &splice_accept_tims[n], splice_listen_addrs))
continue;
/* free the matching connect slot */
sock = atomic_swap_uint(&splice_connect_socks[n], -1);
@@ -449,23 +462,60 @@ unsplice_routine(void *arg)
return (void *)count;
}
+static void *
+drop_routine(void *arg)
+{
+ static const int mib[] = { CTL_NET, PF_INET, IPPROTO_TCP, TCPCTL_DROP };
+ volatile int *run = arg;
+ unsigned long count = 0;
+ unsigned int seed, n;
+ volatile int *socks;
+ struct tcp_ident_mapping *tims;
+
+ seed = arc4random();
+
+ while (*run) {
+ if (splice_num > 0 && (rand_r(&seed) % 2)) {
+ socks = splice_accept_socks;
+ tims = splice_accept_tims;
+ } else {
+ socks = accept_socks;
+ tims = accept_tims;
+ }
+ n = rand_r(&seed) % sock_num;
+ if (socks[n] == -1)
+ continue;
+ membar_consumer();
+ /* accept_tims is not MP safe, but only ESRCH may happen */
+ if (sysctl(mib, sizeof(mib) / sizeof(mib[0]), NULL, NULL,
+ &tims[n], sizeof(tims[0])) < 0) {
+ if (errno == ESRCH)
+ continue;
+ err(1, "sysctl TCPCTL_DROP");
+ }
+ count++;
+ }
+
+ return (void *)count;
+}
+
int
main(int argc, char *argv[])
{
pthread_t *connect_thread, *accept_thread, *send_thread, *recv_thread,
- *close_thread, *splice_thread, *unsplice_thread;
+ *close_thread, *splice_thread, *unsplice_thread, *drop_thread;
struct sockaddr *sa;
const char *errstr;
unsigned int seed;
int ch, run;
unsigned int n;
unsigned long connect_count, accept_count, send_count, recv_count,
- close_count, splice_count, unsplice_count;
+ close_count, splice_count, unsplice_count, drop_count;
socklen_t len;
seed = arc4random();
- while ((ch = getopt(argc, argv, "a:c:I:M:n:o:r:S:s:t:U:")) != -1) {
+ while ((ch = getopt(argc, argv, "a:c:D:I:M:n:o:r:S:s:t:U:")) != -1) {
switch (ch) {
case 'a':
accept_num = strtonum(optarg, 0, UINT_MAX, &errstr);
@@ -477,6 +527,11 @@ main(int argc, char *argv[])
if (errstr != NULL)
errx(1, "connect is %s: %s", errstr, optarg);
break;
+ case 'D':
+ drop_num = strtonum(optarg, 0, UINT_MAX, &errstr);
+ if (errstr != NULL)
+ errx(1, "drop is %s: %s", errstr, optarg);
+ break;
case 'I':
idle_percent = strtonum(optarg, 0, 100, &errstr);
if (errstr != NULL)
@@ -556,6 +611,9 @@ main(int argc, char *argv[])
listen_addrs = calloc(sock_num, sizeof(listen_addrs[0]));
if (listen_addrs == NULL)
err(1, "listen_addrs");
+ accept_tims = calloc(sock_num, sizeof(accept_tims[0]));
+ if (accept_tims == NULL)
+ err(1, "accept_tims");
if (splice_num > 0) {
splice_listen_socks = reallocarray(NULL, sock_num, sizeof(int));
if (splice_listen_socks == NULL)
@@ -571,9 +629,14 @@ main(int argc, char *argv[])
splice_listen_socks[n] = splice_accept_socks[n] =
splice_connect_socks[n] = -1;
}
- splice_addrs = calloc(sock_num, sizeof(splice_addrs[0]));
- if (splice_addrs == NULL)
- err(1, "splice_addrs");
+ splice_listen_addrs = calloc(sock_num,
+ sizeof(splice_listen_addrs[0]));
+ if (splice_listen_addrs == NULL)
+ err(1, "splice_listen_addrs");
+ splice_accept_tims = calloc(sock_num,
+ sizeof(splice_accept_tims[0]));
+ if (splice_accept_tims == NULL)
+ err(1, "splice_accept_tims");
}
for (n = 0; n < sock_num; n++) {
@@ -609,9 +672,9 @@ main(int argc, char *argv[])
sa = (struct sockaddr *)&sin6_loopback;
if (bind(splice_listen_socks[n], sa, sa->sa_len) < 0)
err(1, "bind");
- len = sizeof(splice_addrs[n]);
+ len = sizeof(splice_listen_addrs[n]);
if (getsockname(splice_listen_socks[n],
- &splice_addrs[n].su_sa, &len) < 0)
+ &splice_listen_addrs[n].su_sa, &len) < 0)
err(1, "getsockname");
if (listen(splice_listen_socks[n], 128) < 0)
err(1, "listen");
@@ -691,6 +754,15 @@ main(int argc, char *argv[])
err(1, "pthread_create unsplice %u", n);
}
}
+ drop_thread = calloc(drop_num, sizeof(pthread_t));
+ if (drop_thread == NULL)
+ err(1, "drop_thread");
+ for (n = 0; n < drop_num; n++) {
+ errno = pthread_create(&drop_thread[n], NULL,
+ drop_routine, &run);
+ if (errno)
+ err(1, "pthread_create drop %u", n);
+ }
if (run_time > 0) {
if (sleep(run_time) < 0)
@@ -777,16 +849,28 @@ main(int argc, char *argv[])
}
free(unsplice_thread);
}
+ drop_count = 0;
+ for (n = 0; n < drop_num; n++) {
+ unsigned long count;
+
+ errno = pthread_join(drop_thread[n], (void **)&count);
+ if (errno)
+ err(1, "pthread_join drop %u", n);
+ drop_count += count;
+ }
+ free(drop_thread);
free((int *)listen_socks);
free((int *)connect_socks);
free((int *)accept_socks);
free(listen_addrs);
+ free(accept_tims);
if (splice_num > 0) {
free((int *)splice_listen_socks);
free((int *)splice_accept_socks);
free((int *)splice_connect_socks);
- free(splice_addrs);
+ free(splice_listen_addrs);
+ free(splice_accept_tims);
}
printf("count: connect %lu, ", connect_count);
@@ -794,8 +878,8 @@ main(int argc, char *argv[])
printf("splice %lu, unsplice %lu, max %lu, idle %lu, ",
splice_count, unsplice_count, max_count, idle_count);
}
- printf("accept %lu, send %lu, recv %lu, close %lu\n",
- accept_count, send_count, recv_count, close_count);
+ printf("accept %lu, send %lu, recv %lu, close %lu, drop %lu\n",
+ accept_count, send_count, recv_count, close_count, drop_count);
return 0;
}
diff --git a/regress/usr.bin/mandoc/roff/nr/scale.in b/regress/usr.bin/mandoc/roff/nr/scale.in
index 7793a585efc..af4536eebfc 100644
--- a/regress/usr.bin/mandoc/roff/nr/scale.in
+++ b/regress/usr.bin/mandoc/roff/nr/scale.in
@@ -1,5 +1,5 @@
-.\" $OpenBSD: scale.in,v 1.2 2017/07/04 14:53:27 schwarze Exp $
-.TH NR-INT 1 "January 23, 2015"
+.\" $OpenBSD: scale.in,v 1.3 2025/01/06 18:48:13 schwarze Exp $
+.TH NR-INT 1 "January 6, 2025"
.SH NAME
nr-scale \- scaling units in numeric expressions
.SH DESCRIPTION
@@ -25,3 +25,21 @@ nr-scale \- scaling units in numeric expressions
\nY
.nr Y 1X+2
\nY
+.PP
+.nr Y 0.001f
+0.001f = \nYu;
+.nr Y 0.1i
+0.1i = \nYu;
+.nr Y 0.1c
+0.1c = \nYu;
+.nr Y 0.25P
+0.25P = \nYu;
+.nr Y 0.6p
+0.6p = \nYu
+.PP
+.nr Y 3p
+3p = \nYu;
+.nr Y 1p+1p+1p
+1p+1p+1p = \nYu;
+.nr Y 1p*3
+1p*3 = \nYu
diff --git a/regress/usr.bin/mandoc/roff/nr/scale.out_ascii b/regress/usr.bin/mandoc/roff/nr/scale.out_ascii
index 0c3117d4be3..a75f58edfa4 100644
--- a/regress/usr.bin/mandoc/roff/nr/scale.out_ascii
+++ b/regress/usr.bin/mandoc/roff/nr/scale.out_ascii
@@ -6,4 +6,8 @@ NNAAMMEE
DDEESSCCRRIIPPTTIIOONN
65537 241 945 41 41 25 25 34 2 25 1
-OpenBSD January 23, 2015 NR-INT(1)
+ 0.001f = 65u; 0.1i = 24u; 0.1c = 9u; 0.25P = 10u; 0.6p = 2u
+
+ 3p = 10u; 1p+1p+1p = 9u; 1p*3 = 9u
+
+OpenBSD January 6, 2025 NR-INT(1)
diff --git a/sbin/ifconfig/brconfig.c b/sbin/ifconfig/brconfig.c
index f6a3d0ef619..4eb8d6cd45d 100644
--- a/sbin/ifconfig/brconfig.c
+++ b/sbin/ifconfig/brconfig.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: brconfig.c,v 1.32 2023/11/23 03:38:34 dlg Exp $ */
+/* $OpenBSD: brconfig.c,v 1.33 2025/01/06 17:49:29 denis Exp $ */
/*
* Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net)
@@ -693,6 +693,29 @@ bridge_addendpoint(const char *endpoint, const char *addr)
}
void
+bridge_delendpoint(const char *addr, int d)
+{
+ struct ifbareq ifba;
+ struct ether_addr *ea;
+ int ecode;
+
+ ea = ether_aton(addr);
+ if (ea == NULL) {
+ errx(1, "%s -endpoint %s: invalid Ethernet address",
+ ifname, addr);
+ }
+
+ memset(&ifba, 0, sizeof(ifba));
+ strlcpy(ifba.ifba_name, ifname, sizeof(ifba.ifba_name));
+ strlcpy(ifba.ifba_ifsname, ifname, sizeof(ifba.ifba_ifsname));
+ memcpy(&ifba.ifba_dst, ea, sizeof(struct ether_addr));
+ ifba.ifba_flags = IFBAF_STATIC;
+
+ if (ioctl(sock, SIOCBRDGDADDR, &ifba) == -1)
+ err(1, "%s -endpoint %s", ifname, addr);
+}
+
+void
bridge_addrs(const char *delim, int d)
{
char dstaddr[NI_MAXHOST];
diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8
index 121bb1e8f75..421c6b29113 100644
--- a/sbin/ifconfig/ifconfig.8
+++ b/sbin/ifconfig/ifconfig.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ifconfig.8,v 1.400 2024/06/09 16:25:27 jan Exp $
+.\" $OpenBSD: ifconfig.8,v 1.401 2025/01/06 17:49:29 denis Exp $
.\" $NetBSD: ifconfig.8,v 1.11 1996/01/04 21:27:29 pk Exp $
.\" $FreeBSD: ifconfig.8,v 1.16 1998/02/01 07:03:29 steve Exp $
.\"
@@ -31,7 +31,7 @@
.\"
.\" @(#)ifconfig.8 8.4 (Berkeley) 6/1/94
.\"
-.Dd $Mdocdate: June 9 2024 $
+.Dd $Mdocdate: January 6 2025 $
.Dt IFCONFIG 8
.Os
.Sh NAME
@@ -1841,6 +1841,7 @@ for a complete list of the available protocols.
.Bk -words
.Nm ifconfig
.Ar tunnel-interface
+.Op Oo Fl Oc Ns Cm endpoint Ar dest_address dest_mac
.Op Oo Fl Oc Ns Cm keepalive Ar period count
.Op Oo Fl Oc Ns Cm parent Ar parent-interface
.Op Cm rxprio Ar prio
@@ -1867,6 +1868,20 @@ and
are all tunnel interfaces.
The following options are available:
.Bl -tag -width Ds
+.It Cm endpoint Ar dest_address dest_mac
+When
+.Xr vxlan 4
+is in endpoint mode, set the tunnel endpoint
+.Ar dest_address
+where
+.Ar dest_mac
+MAC address can be reached.
+.It Cm -endpoint Ar dest_mac
+When
+.Xr vxlan 4
+is in endpoint mode, remove the tunnel endpoint for
+.Ar dest_mac
+MAC address.
.It Cm keepalive Ar period count
Enable
.Xr gre 4
diff --git a/sbin/ifconfig/ifconfig.c b/sbin/ifconfig/ifconfig.c
index e3b925fbcd5..4e865668a2b 100644
--- a/sbin/ifconfig/ifconfig.c
+++ b/sbin/ifconfig/ifconfig.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ifconfig.c,v 1.474 2024/06/29 12:09:51 jsg Exp $ */
+/* $OpenBSD: ifconfig.c,v 1.475 2025/01/06 17:49:29 denis Exp $ */
/* $NetBSD: ifconfig.c,v 1.40 1997/10/01 02:19:43 enami Exp $ */
/*
@@ -578,6 +578,7 @@ const struct cmd {
{ "flushall", 0, 0, bridge_flushall },
{ "static", NEXTARG2, 0, NULL, bridge_addaddr },
{ "endpoint", NEXTARG2, 0, NULL, bridge_addendpoint },
+ { "-endpoint", NEXTARG, 0, bridge_delendpoint },
{ "deladdr", NEXTARG, 0, bridge_deladdr },
{ "maxaddr", NEXTARG, 0, bridge_maxaddr },
{ "addr", 0, 0, bridge_addrs },
@@ -624,7 +625,7 @@ const struct cmd {
{ "wgpeer", NEXTARG, A_WIREGUARD, setwgpeer},
{ "wgdescription", NEXTARG, A_WIREGUARD, setwgpeerdesc},
{ "wgdescr", NEXTARG, A_WIREGUARD, setwgpeerdesc},
- { "wgendpoint", NEXTARG2, A_WIREGUARD, NULL, setwgpeerep},
+ { "wgendpoint", NEXTARG2, A_WIREGUARD, NULL, setwgpeerep},
{ "wgaip", NEXTARG, A_WIREGUARD, setwgpeeraip},
{ "wgpsk", NEXTARG, A_WIREGUARD, setwgpeerpsk},
{ "wgpka", NEXTARG, A_WIREGUARD, setwgpeerpka},
diff --git a/sbin/ifconfig/ifconfig.h b/sbin/ifconfig/ifconfig.h
index 7df268f46bf..6bc17d56aaf 100644
--- a/sbin/ifconfig/ifconfig.h
+++ b/sbin/ifconfig/ifconfig.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ifconfig.h,v 1.5 2023/11/23 03:38:34 dlg Exp $ */
+/* $OpenBSD: ifconfig.h,v 1.6 2025/01/06 17:49:29 denis Exp $ */
/*
* Copyright (c) 2009 Claudio Jeker <claudio@openbsd.org>
@@ -49,6 +49,7 @@ void bridge_flush(const char *, int);
void bridge_flushall(const char *, int);
void bridge_addaddr(const char *, const char *);
void bridge_addendpoint(const char *, const char *);
+void bridge_delendpoint(const char *, int);
void bridge_deladdr(const char *, int);
void bridge_maxaddr(const char *, int);
void bridge_addrs(const char *, int);
diff --git a/sys/dev/i2c/ihidev.c b/sys/dev/i2c/ihidev.c
index af5e90cebd5..8559b793ecb 100644
--- a/sys/dev/i2c/ihidev.c
+++ b/sys/dev/i2c/ihidev.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ihidev.c,v 1.35 2025/01/06 02:13:55 kirill Exp $ */
+/* $OpenBSD: ihidev.c,v 1.38 2025/01/07 23:13:56 kirill Exp $ */
/*
* HID-over-i2c driver
*
@@ -76,6 +76,17 @@ int ihidev_maxrepid(void *buf, int len);
int ihidev_print(void *aux, const char *pnp);
int ihidev_submatch(struct device *parent, void *cf, void *aux);
+#define IHIDEV_QUIRK_RE_POWER_ON 0x1
+
+const struct ihidev_quirks {
+ uint16_t ihq_vid;
+ uint16_t ihq_pid;
+ int ihq_quirks;
+} ihidev_devs[] = {
+ /* HONOR MagicBook Art 14 Touchpad (QTEC0002) */
+ { 0x35cc, 0x0104, IHIDEV_QUIRK_RE_POWER_ON },
+};
+
const struct cfattach ihidev_ca = {
sizeof(struct ihidev_softc),
ihidev_match,
@@ -99,6 +110,25 @@ ihidev_match(struct device *parent, void *match, void *aux)
return (0);
}
+int
+ihidev_quirks(struct ihidev_softc *sc)
+{
+ const struct ihidev_quirks *q;
+ uint16_t vid, pid;
+ int i, nent;
+
+ nent = nitems(ihidev_devs);
+
+ vid = letoh16(sc->hid_desc.wVendorID);
+ pid = letoh16(sc->hid_desc.wProductID);
+
+ for (i = 0, q = ihidev_devs; i < nent; i++, q++)
+ if (vid == q->ihq_vid && pid == q->ihq_pid)
+ return (q->ihq_quirks);
+
+ return (0);
+}
+
void
ihidev_attach(struct device *parent, struct device *self, void *aux)
{
@@ -447,17 +477,8 @@ ihidev_hid_command(struct ihidev_softc *sc, int hidcmd, void *arg)
cmd[2] = report_id | rreq->type << 4;
- if (rreq->type == I2C_HID_REPORT_TYPE_FEATURE) {
- cmd[dataoff++] = htole16(sc->hid_desc.wDataRegister)
- & 0xff;
- cmd[dataoff++] = htole16(sc->hid_desc.wDataRegister)
- >> 8;
- } else {
- cmd[dataoff++] = htole16(sc->hid_desc.wOutputRegister)
- & 0xff;
- cmd[dataoff++] = htole16(sc->hid_desc.wOutputRegister)
- >> 8;
- }
+ cmd[dataoff++] = htole16(sc->hid_desc.wDataRegister) & 0xff;
+ cmd[dataoff++] = htole16(sc->hid_desc.wDataRegister) >> 8;
cmd[dataoff++] = report_len & 0xff;
cmd[dataoff++] = report_len >> 8;
@@ -602,6 +623,8 @@ ihidev_reset(struct ihidev_softc *sc)
int
ihidev_hid_desc_parse(struct ihidev_softc *sc)
{
+ sc->sc_quirks = ihidev_quirks(sc);
+
/* must be v01.00 */
if (letoh16(sc->hid_desc.bcdVersion) != 0x0100) {
printf("%s: bad HID descriptor bcdVersion (0x%x)\n",
@@ -639,6 +662,23 @@ ihidev_hid_desc_parse(struct ihidev_softc *sc)
return (1);
}
+ if (sc->sc_quirks & IHIDEV_QUIRK_RE_POWER_ON) {
+ if (ihidev_poweron(sc))
+ return (1);
+
+ /*
+ * 7.2.8 states that a device shall not respond back
+ * after receiving the power on command, and must ensure
+ * that it transitions to power on state in less than 1
+ * second. The ihidev_poweron function uses a shorter
+ * sleep, sufficient for the ON-RESET sequence. Here,
+ * however, it sleeps for the full second to accommodate
+ * cold boot scenarios on affected devices.
+ */
+
+ ihidev_sleep(sc, 1000);
+ }
+
return (0);
}
@@ -920,3 +960,34 @@ ihidev_set_report(struct device *dev, int type, int id, void *data, int len)
return 0;
}
+
+int
+ihidev_send_report(struct device *dev, int repid, void *data, int data_len)
+{
+ struct ihidev_softc *sc = (struct ihidev_softc *)dev;
+ uint8_t *finalcmd, cmd[5];
+ int cmd_len, report_len, res;
+
+ cmd_len = sizeof(cmd);
+ report_len = 2 + 1 + data_len;
+
+ cmd[0] = htole16(sc->hid_desc.wOutputRegister) & 0xff;
+ cmd[1] = htole16(sc->hid_desc.wOutputRegister) >> 8;
+ cmd[2] = report_len & 0xff;
+ cmd[3] = report_len >> 8;
+ cmd[4] = repid;
+
+ finalcmd = malloc(cmd_len + data_len, M_DEVBUF, M_NOWAIT | M_ZERO);
+ if (finalcmd == NULL)
+ return ENOMEM;
+
+ memcpy(finalcmd, cmd, cmd_len);
+ memcpy(finalcmd + cmd_len, data, data_len);
+
+ res = iic_exec(sc->sc_tag, I2C_OP_WRITE_WITH_STOP, sc->sc_addr,
+ finalcmd, cmd_len + data_len, NULL, 0, 0);
+
+ free(finalcmd, M_DEVBUF, cmd_len + data_len);
+
+ return res;
+}
diff --git a/sys/dev/i2c/ihidev.h b/sys/dev/i2c/ihidev.h
index cb87da7332b..e056386b848 100644
--- a/sys/dev/i2c/ihidev.h
+++ b/sys/dev/i2c/ihidev.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ihidev.h,v 1.9 2022/09/03 15:48:16 kettenis Exp $ */
+/* $OpenBSD: ihidev.h,v 1.11 2025/01/07 19:26:14 mglocker Exp $ */
/*
* HID-over-i2c driver
*
@@ -93,6 +93,8 @@ struct ihidev_softc {
int sc_fastpoll;
struct timeout sc_timer;
int sc_dying;
+
+ int sc_quirks;
};
struct ihidev {
@@ -135,5 +137,6 @@ int ihidev_ioctl(struct ihidev *, u_long, caddr_t, int, struct proc *);
int ihidev_report_type_conv(int);
int ihidev_set_report(struct device *, int, int, void *, int);
int ihidev_get_report(struct device *, int, int, void *, int);
+int ihidev_send_report(struct device *, int, void *, int);
void ihidev_poll(void *);
diff --git a/sys/dev/i2c/ikbd.c b/sys/dev/i2c/ikbd.c
index e1e4bf8ba35..6551b918f01 100644
--- a/sys/dev/i2c/ikbd.c
+++ b/sys/dev/i2c/ikbd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikbd.c,v 1.2 2022/09/03 15:48:16 kettenis Exp $ */
+/* $OpenBSD: ikbd.c,v 1.3 2025/01/07 19:26:14 mglocker Exp $ */
/*
* HID-over-i2c keyboard driver
*
@@ -36,6 +36,7 @@
struct ikbd_softc {
struct ihidev sc_hdev;
+#define sc_ledsize sc_hdev.sc_osize
struct hidkbd sc_kbd;
int sc_spl;
};
@@ -167,6 +168,14 @@ ikbd_enable(void *v, int on)
void
ikbd_set_leds(void *v, int leds)
{
+ struct ikbd_softc *sc = v;
+ struct hidkbd *kbd = &sc->sc_kbd;
+ uint8_t res;
+
+ if (sc->sc_ledsize && hidkbd_set_leds(kbd, leds, &res) != 0) {
+ ihidev_send_report((struct device *)sc->sc_hdev.sc_parent,
+ sc->sc_hdev.sc_report_id, &res, 1);
+ }
}
int
@@ -181,6 +190,9 @@ ikbd_ioctl(void *v, u_long cmd, caddr_t data, int flag, struct proc *p)
/* XXX: should we set something else? */
*(u_int *)data = WSKBD_TYPE_USB;
return 0;
+ case WSKBDIO_SETLEDS:
+ ikbd_set_leds(v, *(int *)data);
+ return 0;
default:
rc = ihidev_ioctl(&sc->sc_hdev, cmd, data, flag, p);
if (rc != -1)
diff --git a/sys/dev/pci/pcidevs b/sys/dev/pci/pcidevs
index 847d101ff1b..9f9c6d56633 100644
--- a/sys/dev/pci/pcidevs
+++ b/sys/dev/pci/pcidevs
@@ -1,4 +1,4 @@
-$OpenBSD: pcidevs,v 1.2094 2024/11/09 10:23:06 miod Exp $
+$OpenBSD: pcidevs,v 1.2095 2025/01/08 02:12:24 jsg Exp $
/* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */
/*
@@ -6460,9 +6460,13 @@ product INTEL MTL_U_HB_1 0x7d16 Core Ultra Host
product INTEL MTL_IPU 0x7d19 Core Ultra IPU
product INTEL MTL_NPU 0x7d1d Core Ultra NPU
product INTEL MTL_U4_GT_1 0x7d40 Graphics
+product INTEL ARL_U_GT_1 0x7d41 Graphics
product INTEL MTL_U_GT_1 0x7d45 Graphics
+product INTEL ARL_H_GT_1 0x7d51 Graphics
product INTEL MTL_H_GT_1 0x7d55 Arc Graphics
product INTEL MTL_U_GT_2 0x7d60 Graphics
+product INTEL ARL_S_GT_1 0x7d67 Graphics
+product INTEL ARL_H_GT_2 0x7dd1 Graphics
product INTEL MTL_H_GT_2 0x7dd5 Graphics
product INTEL MTL_H_ESPI 0x7e02 Core Ultra eSPI
product INTEL MTL_U_ESPI 0x7e03 Core Ultra eSPI
@@ -7349,6 +7353,7 @@ product INTEL LNL_XHCI 0xa87d Core Ultra xHCI
product INTEL LNL_SRAM 0xa87f Core Ultra SRAM
product INTEL 21152 0xb152 S21152BB
product INTEL 21154 0xb154 21154AE/BE
+product INTEL ARL_S_GT_2 0xb640 Graphics
product INTEL CORE_DMI_0 0xd130 Core DMI
product INTEL CORE_DMI_1 0xd131 Core DMI
product INTEL CORE_DMI_2 0xd132 Core DMI
diff --git a/sys/dev/pci/pcidevs.h b/sys/dev/pci/pcidevs.h
index f14af30638a..8fd8706c09a 100644
--- a/sys/dev/pci/pcidevs.h
+++ b/sys/dev/pci/pcidevs.h
@@ -2,7 +2,7 @@
* THIS FILE AUTOMATICALLY GENERATED. DO NOT EDIT.
*
* generated from:
- * OpenBSD: pcidevs,v 1.2094 2024/11/09 10:23:06 miod Exp
+ * OpenBSD: pcidevs,v 1.2095 2025/01/08 02:12:24 jsg Exp
*/
/* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */
@@ -6465,9 +6465,13 @@
#define PCI_PRODUCT_INTEL_MTL_IPU 0x7d19 /* Core Ultra IPU */
#define PCI_PRODUCT_INTEL_MTL_NPU 0x7d1d /* Core Ultra NPU */
#define PCI_PRODUCT_INTEL_MTL_U4_GT_1 0x7d40 /* Graphics */
+#define PCI_PRODUCT_INTEL_ARL_U_GT_1 0x7d41 /* Graphics */
#define PCI_PRODUCT_INTEL_MTL_U_GT_1 0x7d45 /* Graphics */
+#define PCI_PRODUCT_INTEL_ARL_H_GT_1 0x7d51 /* Graphics */
#define PCI_PRODUCT_INTEL_MTL_H_GT_1 0x7d55 /* Arc Graphics */
#define PCI_PRODUCT_INTEL_MTL_U_GT_2 0x7d60 /* Graphics */
+#define PCI_PRODUCT_INTEL_ARL_S_GT_1 0x7d67 /* Graphics */
+#define PCI_PRODUCT_INTEL_ARL_H_GT_2 0x7dd1 /* Graphics */
#define PCI_PRODUCT_INTEL_MTL_H_GT_2 0x7dd5 /* Graphics */
#define PCI_PRODUCT_INTEL_MTL_H_ESPI 0x7e02 /* Core Ultra eSPI */
#define PCI_PRODUCT_INTEL_MTL_U_ESPI 0x7e03 /* Core Ultra eSPI */
@@ -7354,6 +7358,7 @@
#define PCI_PRODUCT_INTEL_LNL_SRAM 0xa87f /* Core Ultra SRAM */
#define PCI_PRODUCT_INTEL_21152 0xb152 /* S21152BB */
#define PCI_PRODUCT_INTEL_21154 0xb154 /* 21154AE/BE */
+#define PCI_PRODUCT_INTEL_ARL_S_GT_2 0xb640 /* Graphics */
#define PCI_PRODUCT_INTEL_CORE_DMI_0 0xd130 /* Core DMI */
#define PCI_PRODUCT_INTEL_CORE_DMI_1 0xd131 /* Core DMI */
#define PCI_PRODUCT_INTEL_CORE_DMI_2 0xd132 /* Core DMI */
diff --git a/sys/dev/pci/pcidevs_data.h b/sys/dev/pci/pcidevs_data.h
index 546ae7d8a3e..51027526e87 100644
--- a/sys/dev/pci/pcidevs_data.h
+++ b/sys/dev/pci/pcidevs_data.h
@@ -2,7 +2,7 @@
* THIS FILE AUTOMATICALLY GENERATED. DO NOT EDIT.
*
* generated from:
- * OpenBSD: pcidevs,v 1.2094 2024/11/09 10:23:06 miod Exp
+ * OpenBSD: pcidevs,v 1.2095 2025/01/08 02:12:24 jsg Exp
*/
/* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */
@@ -23188,10 +23188,18 @@ static const struct pci_known_product pci_known_products[] = {
"Graphics",
},
{
+ PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_ARL_U_GT_1,
+ "Graphics",
+ },
+ {
PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_MTL_U_GT_1,
"Graphics",
},
{
+ PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_ARL_H_GT_1,
+ "Graphics",
+ },
+ {
PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_MTL_H_GT_1,
"Arc Graphics",
},
@@ -23200,6 +23208,14 @@ static const struct pci_known_product pci_known_products[] = {
"Graphics",
},
{
+ PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_ARL_S_GT_1,
+ "Graphics",
+ },
+ {
+ PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_ARL_H_GT_2,
+ "Graphics",
+ },
+ {
PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_MTL_H_GT_2,
"Graphics",
},
@@ -26744,6 +26760,10 @@ static const struct pci_known_product pci_known_products[] = {
"21154AE/BE",
},
{
+ PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_ARL_S_GT_2,
+ "Graphics",
+ },
+ {
PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_CORE_DMI_0,
"Core DMI",
},
diff --git a/sys/dev/pv/if_vio.c b/sys/dev/pv/if_vio.c
index 2d0f7201385..3c532da0d21 100644
--- a/sys/dev/pv/if_vio.c
+++ b/sys/dev/pv/if_vio.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_vio.c,v 1.62 2024/12/20 22:18:27 sf Exp $ */
+/* $OpenBSD: if_vio.c,v 1.63 2025/01/06 14:23:52 sf Exp $ */
/*
* Copyright (c) 2012 Stefan Fritsch, Alexander Fiveg.
@@ -1056,7 +1056,8 @@ again:
r = virtio_enqueue_reserve(vq, slot,
vioq->viq_txdmamaps[slot]->dm_nsegs + 1);
if (r != 0) {
- printf("%s: virtio_enqueue_reserve failed?\n", __func__);
+ printf("%s: virtio_enqueue_reserve failed?\n",
+ __func__);
m_freem(m);
viq_ifq->ifq_errors++;
bus_dmamap_unload(vsc->sc_dmat,
@@ -1084,8 +1085,9 @@ again:
}
if (used_slots > 0) {
if (used_slots > vioq->viq_txfree_slots)
- printf("%s: used_slots %d viq_txfree_slots %d free_slots %d\n",
- __func__, used_slots, vioq->viq_txfree_slots, free_slots);
+ printf("%s: used_slots %d viq_txfree_slots %d "
+ "free_slots %d\n", __func__, used_slots,
+ vioq->viq_txfree_slots, free_slots);
vioq->viq_txfree_slots -= used_slots;
KASSERT(vioq->viq_txfree_slots >= 0);
}
diff --git a/sys/dev/usb/uaudio.c b/sys/dev/usb/uaudio.c
index 1a11b34c744..d3601922d80 100644
--- a/sys/dev/usb/uaudio.c
+++ b/sys/dev/usb/uaudio.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: uaudio.c,v 1.177 2025/01/04 11:45:15 ratchov Exp $ */
+/* $OpenBSD: uaudio.c,v 1.178 2025/01/07 12:49:40 ratchov Exp $ */
/*
* Copyright (c) 2018 Alexandre Ratchov <alex@caoua.org>
*
@@ -37,8 +37,6 @@
#include <dev/usb/usbdivar.h>
#include <dev/usb/usb_mem.h>
-#define UAUDIO_DEBUG
-
#ifdef UAUDIO_DEBUG
#define DPRINTF(...) \
do { \
diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c
index 97da7aa802d..c303fc63a3f 100644
--- a/sys/kern/kern_sig.c
+++ b/sys/kern/kern_sig.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_sig.c,v 1.354 2024/12/28 20:34:05 mvs Exp $ */
+/* $OpenBSD: kern_sig.c,v 1.355 2025/01/06 13:17:56 claudio Exp $ */
/* $NetBSD: kern_sig.c,v 1.54 1996/04/22 01:38:32 christos Exp $ */
/*
@@ -125,6 +125,8 @@ void proc_stop(struct proc *p, int);
void proc_stop_sweep(void *);
void *proc_stop_si;
+void process_continue(struct proc *, int);
+
void setsigctx(struct proc *, int, struct sigctx *);
void postsig_done(struct proc *, int, sigset_t, int);
void postsig(struct proc *, int, struct sigctx *);
@@ -1065,7 +1067,7 @@ ptsignal_locked(struct proc *p, int signum, enum signal_type type)
/*
* XXX delay processing of SA_STOP signals unless action == SIG_DFL?
*/
- if (prop & (SA_CONT | SA_STOP) && type != SPROPAGATED)
+ if (prop & SA_STOP && type != SPROPAGATED)
TAILQ_FOREACH(q, &pr->ps_threads, p_thr_link)
if (q != p)
ptsignal_locked(q, signum, SPROPAGATED);
@@ -1102,15 +1104,12 @@ ptsignal_locked(struct proc *p, int signum, enum signal_type type)
* it has no further action. If SIGCONT is held, we
* continue the process and leave the signal in
* p_siglist. If the process catches SIGCONT, let it
- * handle the signal itself. If it isn't waiting on
- * an event, then it goes back to run state.
- * Otherwise, process goes back to sleep state.
+ * handle the signal itself. At the end continue
+ * the process.
*/
atomic_setbits_int(&pr->ps_flags, PS_CONTINUED);
atomic_clearbits_int(&pr->ps_flags,
- PS_WAITED | PS_STOPPED | PS_TRAPPED);
- atomic_clearbits_int(&p->p_flag, P_SUSPSIG);
- wakeparent = 1;
+ PS_WAITED | PS_STOPPED | PS_STOPPING | PS_TRAPPED);
if (action == SIG_DFL)
mask = 0;
if (action == SIG_CATCH) {
@@ -1118,14 +1117,10 @@ ptsignal_locked(struct proc *p, int signum, enum signal_type type)
if (p->p_usrpri > PUSER)
p->p_usrpri = PUSER;
unsleep(p);
- setrunnable(p);
- goto out;
- }
- if (p->p_wchan == NULL) {
- setrunnable(p);
- goto out;
}
- p->p_stat = SSLEEP;
+
+ process_continue(p, P_SUSPSIG);
+ wakeparent = 1;
goto out;
}
@@ -1521,6 +1516,48 @@ proc_trap(struct proc *p, int signum)
}
/*
+ * Continue all threads of a process that were stopped because of `flag'."
+ */
+void
+process_continue(struct proc *p, int flag)
+{
+ struct process *pr = p->p_p;
+ struct proc *q;
+
+ MUTEX_ASSERT_LOCKED(&pr->ps_mtx);
+
+ /* wake all if called from a different process */
+ if (curproc != p)
+ p = NULL;
+
+ TAILQ_FOREACH(q, &pr->ps_threads, p_thr_link) {
+ if (q == p)
+ continue;
+ if (!ISSET(q->p_flag, flag))
+ continue;
+ atomic_clearbits_int(&q->p_flag, flag);
+
+ /*
+ * clearing either makes the thread runnable or puts
+ * it back into some sleep queue
+ */
+ /*
+ * XXX in ptsignal the SCHED_LOCK is already held so we can't
+ * grab it here until that is fixed.
+ */
+ /* XXX SCHED_LOCK(); */
+ SCHED_ASSERT_LOCKED();
+ if (q->p_wchan == NULL)
+ setrunnable(q);
+ else {
+ atomic_clearbits_int(&q->p_flag, P_WSLEEP);
+ q->p_stat = SSLEEP;
+ }
+ /* XXX SCHED_UNLOCK(); */
+ }
+}
+
+/*
* Put the argument process into the stopped state and notify the parent
* via wakeup. Signals are handled elsewhere. The process must not be
* on the run queue.
@@ -2250,7 +2287,6 @@ void
single_thread_clear(struct proc *p, int flag)
{
struct process *pr = p->p_p;
- struct proc *q;
KASSERT(pr->ps_single == p);
KASSERT(curproc == p);
@@ -2259,27 +2295,10 @@ single_thread_clear(struct proc *p, int flag)
pr->ps_single = NULL;
atomic_clearbits_int(&pr->ps_flags, PS_SINGLEUNWIND | PS_SINGLEEXIT);
- TAILQ_FOREACH(q, &pr->ps_threads, p_thr_link) {
- if (q == p || (q->p_flag & P_SUSPSINGLE) == 0)
- continue;
- atomic_clearbits_int(&q->p_flag, P_SUSPSINGLE);
+ SCHED_LOCK();
+ process_continue(p, P_SUSPSINGLE);
+ SCHED_UNLOCK();
- /*
- * if the thread was only stopped for single threading
- * then clearing that either makes it runnable or puts
- * it back into some sleep queue
- */
- SCHED_LOCK();
- if (q->p_stat == SSTOP && (q->p_flag & flag) == 0) {
- if (q->p_wchan == NULL)
- setrunnable(q);
- else {
- atomic_clearbits_int(&q->p_flag, P_WSLEEP);
- q->p_stat = SSLEEP;
- }
- }
- SCHED_UNLOCK();
- }
mtx_leave(&pr->ps_mtx);
}
diff --git a/sys/kern/subr_hibernate.c b/sys/kern/subr_hibernate.c
index 0f785523e97..a05b965a62b 100644
--- a/sys/kern/subr_hibernate.c
+++ b/sys/kern/subr_hibernate.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: subr_hibernate.c,v 1.147 2024/12/31 17:16:05 krw Exp $ */
+/* $OpenBSD: subr_hibernate.c,v 1.149 2025/01/06 21:37:16 krw Exp $ */
/*
* Copyright (c) 2011 Ariane van der Steldt <ariane@stack.nl>
@@ -2019,10 +2019,8 @@ hibernate_suspend(void)
* Give the device-specific I/O function a notification that we're
* done, and that it can clean up or shutdown as needed.
*/
- if (hib->io_func(hib->dev, 0, (vaddr_t)NULL, 0, HIB_DONE, hib->io_page))
- return (1);
- else
- return (0);
+ hib->io_func(hib->dev, 0, (vaddr_t)NULL, 0, HIB_DONE, hib->io_page);
+ return (0);
}
int
diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c
index ac75c300572..8ce0decd823 100644
--- a/sys/kern/uipc_socket.c
+++ b/sys/kern/uipc_socket.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: uipc_socket.c,v 1.356 2025/01/04 15:57:02 mvs Exp $ */
+/* $OpenBSD: uipc_socket.c,v 1.357 2025/01/07 23:13:46 mvs Exp $ */
/* $NetBSD: uipc_socket.c,v 1.21 1996/02/04 02:17:52 christos Exp $ */
/*
@@ -1445,10 +1445,26 @@ sosplice(struct socket *so, int fd, off_t max, struct timeval *tv)
error = ENOTCONN;
goto release;
}
- if (so->so_sp == NULL)
- so->so_sp = pool_get(&sosplice_pool, PR_WAITOK | PR_ZERO);
- if (sosp->so_sp == NULL)
- sosp->so_sp = pool_get(&sosplice_pool, PR_WAITOK | PR_ZERO);
+ if (so->so_sp == NULL) {
+ struct sosplice *so_sp;
+
+ so_sp = pool_get(&sosplice_pool, PR_WAITOK | PR_ZERO);
+ timeout_set_flags(&so_sp->ssp_idleto, soidle, so,
+ KCLOCK_NONE, TIMEOUT_PROC | TIMEOUT_MPSAFE);
+ task_set(&so_sp->ssp_task, sotask, so);
+
+ so->so_sp = so_sp;
+ }
+ if (sosp->so_sp == NULL) {
+ struct sosplice *so_sp;
+
+ so_sp = pool_get(&sosplice_pool, PR_WAITOK | PR_ZERO);
+ timeout_set_flags(&so_sp->ssp_idleto, soidle, sosp,
+ KCLOCK_NONE, TIMEOUT_PROC | TIMEOUT_MPSAFE);
+ task_set(&so_sp->ssp_task, sotask, sosp);
+
+ sosp->so_sp = so_sp;
+ }
if (so->so_sp->ssp_socket || sosp->so_sp->ssp_soback) {
error = EBUSY;
goto release;
@@ -1460,9 +1476,6 @@ sosplice(struct socket *so, int fd, off_t max, struct timeval *tv)
so->so_idletv = *tv;
else
timerclear(&so->so_idletv);
- timeout_set_flags(&so->so_idleto, soidle, so,
- KCLOCK_NONE, TIMEOUT_PROC | TIMEOUT_MPSAFE);
- task_set(&so->so_splicetask, sotask, so);
/*
* To prevent sorwakeup() calling somove() before this somove()
@@ -1507,9 +1520,6 @@ sounsplice(struct socket *so, struct socket *sosp, int freeing)
{
sbassertlocked(&so->so_rcv);
- task_del(sosplice_taskq, &so->so_splicetask);
- timeout_del(&so->so_idleto);
-
mtx_enter(&so->so_rcv.sb_mtx);
mtx_enter(&sosp->so_snd.sb_mtx);
so->so_rcv.sb_flags &= ~SB_SPLICE;
@@ -1518,6 +1528,9 @@ sounsplice(struct socket *so, struct socket *sosp, int freeing)
mtx_leave(&sosp->so_snd.sb_mtx);
mtx_leave(&so->so_rcv.sb_mtx);
+ task_del(sosplice_taskq, &so->so_splicetask);
+ timeout_del(&so->so_idleto);
+
/* Do not wakeup a socket that is about to be freed. */
if ((freeing & SOSP_FREEING_READ) == 0) {
int readable;
diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
index ef833877661..5707070efb5 100644
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_ethersubr.c,v 1.294 2024/12/15 11:00:05 dlg Exp $ */
+/* $OpenBSD: if_ethersubr.c,v 1.295 2025/01/07 05:36:52 guenther Exp $ */
/* $NetBSD: if_ethersubr.c,v 1.19 1996/05/07 02:40:30 thorpej Exp $ */
/*
@@ -1316,8 +1316,6 @@ static int ether_frm_disconnect(struct socket *);
static int ether_frm_shutdown(struct socket *);
static int ether_frm_send(struct socket *, struct mbuf *, struct mbuf *,
struct mbuf *);
-static int ether_frm_control(struct socket *, u_long, caddr_t,
- struct ifnet *);
static int ether_frm_sockaddr(struct socket *, struct mbuf *);
static int ether_frm_peeraddr(struct socket *, struct mbuf *);
@@ -1329,7 +1327,6 @@ const struct pr_usrreqs ether_frm_usrreqs = {
.pru_disconnect = ether_frm_disconnect,
.pru_shutdown = ether_frm_shutdown,
.pru_send = ether_frm_send,
- .pru_control = ether_frm_control,
.pru_sockaddr = ether_frm_sockaddr,
.pru_peeraddr = ether_frm_peeraddr,
};
@@ -1753,13 +1750,6 @@ drop:
}
static int
-ether_frm_control(struct socket *so, u_long cmd, caddr_t data,
- struct ifnet *ifp)
-{
- return (EOPNOTSUPP);
-}
-
-static int
ether_frm_sockaddr_frame(struct ether_pcb *ep, struct mbuf *nam, uint64_t addr)
{
struct sockaddr_frame *sfrm;
diff --git a/usr.bin/mandoc/roff.c b/usr.bin/mandoc/roff.c
index 2ebb132961d..e5c1d61956d 100644
--- a/usr.bin/mandoc/roff.c
+++ b/usr.bin/mandoc/roff.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: roff.c,v 1.275 2025/01/05 16:56:48 schwarze Exp $ */
+/* $OpenBSD: roff.c,v 1.276 2025/01/06 18:48:13 schwarze Exp $ */
/*
* Copyright (c) 2010-2015, 2017-2025 Ingo Schwarze <schwarze@openbsd.org>
* Copyright (c) 2008-2012, 2014 Kristaps Dzonsons <kristaps@bsd.lv>
@@ -2420,7 +2420,7 @@ roff_cond_text(ROFF_ARGS)
/* --- handling of numeric and conditional expressions -------------------- */
/*
- * Parse a single signed integer number. Stop at the first non-digit.
+ * Parse a single signed decimal number. Stop at the first non-digit.
* If there is at least one digit, return success and advance the
* parse point, else return failure and let the parse point unchanged.
* Ignore overflows, treat them just like the C language.
@@ -2428,10 +2428,8 @@ roff_cond_text(ROFF_ARGS)
static int
roff_getnum(const char *v, int *pos, int *res, char unit, int skipspace)
{
- int myres, n, p;
-
- if (NULL == res)
- res = &myres;
+ double frac, myres;
+ int n, p;
p = *pos;
n = v[p] == '-';
@@ -2442,13 +2440,17 @@ roff_getnum(const char *v, int *pos, int *res, char unit, int skipspace)
while (isspace((unsigned char)v[p]))
p++;
- for (*res = 0; isdigit((unsigned char)v[p]); p++)
- *res = 10 * *res + v[p] - '0';
+ for (myres = 0.0; isdigit((unsigned char)v[p]); p++)
+ myres = myres * 10.0 + (v[p] - '0');
+ if (v[p] == '.')
+ for (frac = 0.1; isdigit((unsigned char)v[++p]); frac *= 0.1)
+ myres += frac * (v[p] - '0');
+
if (p == *pos + n)
return 0;
if (n)
- *res = -*res;
+ myres *= -1.0;
/* Each number may be followed by one optional scaling unit. */
@@ -2460,36 +2462,35 @@ roff_getnum(const char *v, int *pos, int *res, char unit, int skipspace)
switch (unit) {
case 'f':
- *res *= 65536;
+ myres *= 65536.0;
break;
case 'i':
- *res *= 240;
+ myres *= 240.0;
break;
case 'c':
- *res *= 24000;
- *res /= 254;
+ myres *= 240.0 / 2.54;
break;
case 'v':
case 'P':
- *res *= 40;
+ myres *= 40.0;
break;
case 'm':
case 'n':
- *res *= 24;
+ myres *= 24.0;
break;
case 'p':
- *res *= 10;
- *res /= 3;
+ myres *= 40.0 / 12.0;
break;
case 'u':
break;
case 'M':
- *res *= 6;
- *res /= 25;
+ myres *= 24.0 / 100.0;
break;
default:
break;
}
+ if (res != NULL)
+ *res = myres;
*pos = p;
return 1;
}
diff --git a/usr.sbin/bgpd/bgpd.8 b/usr.sbin/bgpd/bgpd.8
index ab414558914..c9e256b6747 100644
--- a/usr.sbin/bgpd/bgpd.8
+++ b/usr.sbin/bgpd/bgpd.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: bgpd.8,v 1.81 2024/12/13 19:21:03 claudio Exp $
+.\" $OpenBSD: bgpd.8,v 1.82 2025/01/07 12:00:36 claudio Exp $
.\"
.\" Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
.\"
@@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: December 13 2024 $
+.Dd $Mdocdate: January 7 2025 $
.Dt BGPD 8
.Os
.Sh NAME
@@ -309,6 +309,17 @@ has been started.
.Re
.Pp
.Rs
+.%A S. Sangli
+.%A E. Chen
+.%A R. Fernando
+.%A J. Scudder
+.%A Y. Rekhter
+.%D January 2007
+.%R RFC 4724
+.%T Graceful Restart Mechanism for BGP
+.Re
+.Pp
+.Rs
.%A T. Bates
.%A R. Chandra
.%A D. Katz
@@ -338,6 +349,15 @@ has been started.
.Re
.Pp
.Rs
+.%A Y. Rekhter
+.%A S. Sangli
+.%A D. Tappan
+.%D October 2009
+.%R RFC 5668
+.%T 4-Octet AS Specific BGP Extended Community
+.Re
+.Pp
+.Rs
.%A E. Chen
.%A J. Yuan
.%D June 2011
@@ -346,6 +366,15 @@ has been started.
.Re
.Pp
.Rs
+.%A J. Dong
+.%A M. Chen
+.%A A. Suryanarayana
+.%D May 2012
+.%R RFC 6608
+.%T Subcodes for BGP Finite State Machine Error
+.Re
+.Pp
+.Rs
.%A Q. Vohra
.%A E. Chen
.%D Dec 2012
@@ -411,6 +440,16 @@ has been started.
.Re
.Pp
.Rs
+.%A E. Jasinska
+.%A N. Hilliard
+.%A R. Raszuk
+.%A N. Bakker
+.%D September 2016
+.%R RFC 7947
+.%T Internet Exchange BGP Route Server
+.Re
+.Pp
+.Rs
.%A C. Petrie
.%A T. King
.%D May 2017
diff --git a/usr.sbin/bgpd/bgpd.conf.5 b/usr.sbin/bgpd/bgpd.conf.5
index 5cda014d00f..f0199a6c151 100644
--- a/usr.sbin/bgpd/bgpd.conf.5
+++ b/usr.sbin/bgpd/bgpd.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: bgpd.conf.5,v 1.245 2024/12/13 19:21:03 claudio Exp $
+.\" $OpenBSD: bgpd.conf.5,v 1.246 2025/01/07 12:11:45 claudio Exp $
.\"
.\" Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org>
.\" Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -16,7 +16,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: December 13 2024 $
+.Dd $Mdocdate: January 7 2025 $
.Dt BGPD.CONF 5
.Os
.Sh NAME
@@ -407,8 +407,16 @@ The default is 180 seconds.
.Xc
If set to
.Ic yes ,
+attribute transparency is enabled.
.Em AS paths
to EBGP neighbors are not prepended with the local AS.
+Additionally, the MULTI_EXIT_DISC attribute is passed transparently and
+automatic filtering based on the well-known communities
+.Ic NO_EXPORT ,
+.Ic NO_ADVERTISE ,
+and
+.Ic NO_EXPORT_SUBCONFED
+is disabled.
The default is
.Ic no .
.El
@@ -1571,8 +1579,11 @@ After changing keys, a session needs to be reset to use the new keys.
.Xc
If set to
.Ic yes ,
-.Em AS paths
-to EBGP neighbors are not prepended with the local AS.
+attribute transparency is enabled.
+See also the
+.Ic transparent-as
+setting in
+.Sx GLOBAL CONFIGURATION .
The default is inherited from the global
.Ic transparent-as
setting.
diff --git a/usr.sbin/bgpd/bgpd.h b/usr.sbin/bgpd/bgpd.h
index 1e00fbd8262..ce5b3c6fe7b 100644
--- a/usr.sbin/bgpd/bgpd.h
+++ b/usr.sbin/bgpd/bgpd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bgpd.h,v 1.506 2024/12/13 19:21:03 claudio Exp $ */
+/* $OpenBSD: bgpd.h,v 1.507 2025/01/07 17:43:31 denis Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -156,12 +156,14 @@ enum reconf_action {
#define AFI_UNSPEC 0
#define AFI_IPv4 1
#define AFI_IPv6 2
+#define AFI_L2VPN 25
/* Subsequent Address Family Identifier as per RFC 4760 */
#define SAFI_NONE 0
#define SAFI_UNICAST 1
#define SAFI_MULTICAST 2
#define SAFI_MPLS 4
+#define SAFI_EVPN 70 /* RFC 7432 */
#define SAFI_MPLSVPN 128
#define SAFI_FLOWSPEC 133
#define SAFI_VPNFLOWSPEC 134
@@ -182,7 +184,8 @@ extern const struct aid aid_vals[];
#define AID_VPN_IPv6 4
#define AID_FLOWSPECv4 5
#define AID_FLOWSPECv6 6
-#define AID_MAX 7
+#define AID_EVPN 7
+#define AID_MAX 8
#define AID_MIN 1 /* skip AID_UNSPEC since that is a dummy */
#define AID_VALS { \
@@ -194,6 +197,7 @@ extern const struct aid aid_vals[];
{ AFI_IPv6, AF_INET6, SAFI_MPLSVPN, "IPv6 vpn" }, \
{ AFI_IPv4, AF_INET, SAFI_FLOWSPEC, "IPv4 flowspec" }, \
{ AFI_IPv6, AF_INET6, SAFI_FLOWSPEC, "IPv6 flowspec" }, \
+ { AFI_L2VPN, AF_UNSPEC, SAFI_EVPN, "evpn" }, \
}
#define BGP_MPLS_BOS 0x01
@@ -1134,6 +1138,7 @@ struct ext_comm_pairs {
{ EXT_COMMUNITY_TRANS_IPV4, 0x0b, "vrfri" }, \
\
{ EXT_COMMUNITY_TRANS_OPAQUE, 0x06, "ort" }, \
+ { EXT_COMMUNITY_TRANS_OPAQUE, 0x0c, "encap" }, \
{ EXT_COMMUNITY_TRANS_OPAQUE, 0x0d, "defgw" }, \
\
{ EXT_COMMUNITY_NON_TRANS_OPAQUE, EXT_COMMUNITY_SUBTYPE_OVS, "ovs" }, \
diff --git a/usr.sbin/bgpd/rde.h b/usr.sbin/bgpd/rde.h
index f28ff29683f..3a6a867aa0b 100644
--- a/usr.sbin/bgpd/rde.h
+++ b/usr.sbin/bgpd/rde.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: rde.h,v 1.309 2024/12/12 20:19:03 claudio Exp $ */
+/* $OpenBSD: rde.h,v 1.311 2025/01/07 17:43:31 denis Exp $ */
/*
* Copyright (c) 2003, 2004 Claudio Jeker <claudio@openbsd.org> and
@@ -143,6 +143,7 @@ enum attrtypes {
ATTR_EXT_COMMUNITIES=16,
ATTR_AS4_PATH=17,
ATTR_AS4_AGGREGATOR=18,
+ ATTR_PMSI_TUNNEL=22,
ATTR_LARGE_COMMUNITIES=32,
ATTR_OTC=35,
ATTR_FIRST_UNKNOWN, /* after this all attributes are unknown */
@@ -157,7 +158,7 @@ enum attrtypes {
/* by default mask the reserved bits and the ext len bit */
#define ATTR_DEFMASK (ATTR_RESERVED | ATTR_EXTLEN)
-/* default attribute flags for well known attributes */
+/* default attribute flags for well-known attributes */
#define ATTR_WELL_KNOWN ATTR_TRANSITIVE
struct attr {
diff --git a/usr.sbin/bgpd/rde_peer.c b/usr.sbin/bgpd/rde_peer.c
index 60d8491349d..45bf85d5121 100644
--- a/usr.sbin/bgpd/rde_peer.c
+++ b/usr.sbin/bgpd/rde_peer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rde_peer.c,v 1.42 2024/12/12 20:19:03 claudio Exp $ */
+/* $OpenBSD: rde_peer.c,v 1.43 2025/01/07 17:43:31 denis Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
@@ -31,8 +31,8 @@ struct peer_tree zombietable = RB_INITIALIZER(&zombietable);
struct rde_peer *peerself;
static long imsg_pending;
-CTASSERT(sizeof(peerself->recv_eor) * 8 > AID_MAX);
-CTASSERT(sizeof(peerself->sent_eor) * 8 > AID_MAX);
+CTASSERT(sizeof(peerself->recv_eor) * 8 >= AID_MAX);
+CTASSERT(sizeof(peerself->sent_eor) * 8 >= AID_MAX);
struct iq {
SIMPLEQ_ENTRY(iq) entry;
diff --git a/usr.sbin/bgpd/rde_update.c b/usr.sbin/bgpd/rde_update.c
index bfc90619f14..72a630d87c4 100644
--- a/usr.sbin/bgpd/rde_update.c
+++ b/usr.sbin/bgpd/rde_update.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rde_update.c,v 1.170 2024/12/09 10:51:46 claudio Exp $ */
+/* $OpenBSD: rde_update.c,v 1.172 2025/01/07 12:11:45 claudio Exp $ */
/*
* Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org>
@@ -90,7 +90,14 @@ up_test_update(struct rde_peer *peer, struct prefix *p)
return (0);
}
- /* well known communities */
+ /*
+ * With "transparent-as yes" set do not filter based on
+ * well-known communities. Instead pass them on to the client.
+ */
+ if (peer->flags & PEERFLAG_TRANS_AS)
+ return (1);
+
+ /* well-known communities */
if (community_match(comm, &comm_no_advertise, NULL))
return (0);
if (peer->conf.ebgp) {
@@ -159,8 +166,8 @@ up_process_prefix(struct rde_peer *peer, struct prefix *new, struct prefix *p)
/*
* up_test_update() needs to run before the output filters
- * else the well known communities won't work properly.
- * The output filters would not be able to add well known
+ * else the well-known communities won't work properly.
+ * The output filters would not be able to add well-known
* communities.
*/
if (!up_test_update(peer, new))
diff --git a/usr.sbin/bgpd/util.c b/usr.sbin/bgpd/util.c
index 311ba143f59..62c8557d587 100644
--- a/usr.sbin/bgpd/util.c
+++ b/usr.sbin/bgpd/util.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: util.c,v 1.89 2024/11/21 13:05:23 claudio Exp $ */
+/* $OpenBSD: util.c,v 1.90 2025/01/07 19:24:53 claudio Exp $ */
/*
* Copyright (c) 2006 Claudio Jeker <claudio@openbsd.org>
@@ -323,6 +323,8 @@ log_capability(uint8_t capa)
return "Multiprotocol Extensions";
case CAPA_REFRESH:
return "Route Refresh";
+ case CAPA_EXT_MSG:
+ return "Extended Message";
case CAPA_ROLE:
return "BGP Role";
case CAPA_RESTART:
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-08 19:22:16 +0000