summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-07-16ecdhtest: Drop unnecessary constant and unneeded includesTheo Buehler
2023-07-16Make remaining unstable tests fail consistently by adjusting theAnton Lindqvist
modification time of the problematic file(s), causing the check_file() routine to always hit the "file exists and is possible match" case. While here, sync expected failures with reality.
2023-07-16Make the mbstat preserve the same size which is actually used. AlsoYASUOKA Masahiko
revert the previous that the mbstat is located on the stack. ok claudio
2023-07-16ecdhtest: fix a couple bugs plus some cosmetic tweaksTheo Buehler
2023-07-15fix include directive - this is make, not CTheo Buehler
2023-07-15Rework the ecdhtestTheo Buehler
Test keyshare for all built-in curves and simplify, especially printing on failure. Incorporate known answer tests from RFC 5114 and RFC 5903. All in all, this is a lot less code and a lot more test coverage and hopefully a little less eyebleed. Very loosely based on OpenSSL b438f0ed by Billy Brumley
2023-07-15sync with <sys/namei.h>; 'looks good' deraadtKlemens Nanni
Document missing struct nameidata members and fix one member's const-ness. Add REALPATH flag from 2019.
2023-07-15Fix return value check for ECDH_compute_key()Theo Buehler
ECDH_compute_key() usually returns -1 on error (but sometimes 0). This was also the case in OpenSSL when these tests were written. This will soon change. The check for <= 0 will still be correct.
2023-07-15Import a version of libcrypto's symbols test for libsslTheo Buehler
2023-07-15Add test coverage for cofactor ECDH using NIST test vectorsTheo Buehler
Since all non-binary NIST curves have cofactor 1, this is in effect plain ECDH. Current regress coverage of ECDH is quite lacking on architectures where Go isn't available. This fixes that. Actual cofactor ECDH support may be added soon to libcrypto, at which point I will also add testcases with cofactor > 1.
2023-07-15Implement PAC support.Mark Kettenis
ok patrick@
2023-07-15Link symbols test to buildTheo Buehler
2023-07-15remove accidentally imported files againTheo Buehler
2023-07-15Import a version of libcrypto's symbols test for libsslTheo Buehler
2023-07-15Remove stray argument name in function prototype.Mark Kettenis
2023-07-15vmd(8): fix use of qcow base images.Dave Voutila
The vm process was prematurely setting device fds to not close-on-exec and then trying to close(2) them after the fork(2) of the device process. This caused a reuse of an fd for one of the socketpair(2)'s for communication between vm and device. Having device processes close(2) other device fds after fork would break the socketpair, causing the device to fail during startup post-exec when trying to receive its device state from the parent vm process. Instead, mark the fds to not close on exec post-fork(2) call allowing other device fds to be closed automatically and avoid closing by the tracked fd. Reported by solene@. OK tb@.
2023-07-15Mop up MD32_XARRAY from md5.Joel Sing
MD32_XARRAY was added as a workaround for a broken HP C compiler (circa 1999). Clean it up to simplify the code. No change in generated assembly.
2021-04-28Import LLVM 11.1.0 release including clang, lld and lldb.Patrick Wildt
2020-08-03Import LLVM 10.0.0 release including clang, lld and lldb.Patrick Wildt
ok hackroom tested by plenty
2023-07-15Mop up MD32_XARRAY from md4.Joel Sing
MD32_XARRAY was added as a workaround for a broken HP C compiler (circa 1999). Clean it up to simplify the code. No change in generated assembly.
2023-07-15Add mute control. This makes the mute button on laptops that useMark Kettenis
tascodec(4) work. ok tobhe@
2023-07-15Prevent patch(1) from scribbling all over the place.Florian Obser
Arguably the only sensible use of patch(1) is changing files in the current working directory and subdirectories. However, patch(1) has this anti-feature, or dare I say bug, where it will happily follow "../" upwards and outside of the current working directory to find files to change. All it takes is a line like +++ ../../../../home/florian/.ssh/authorized_keys in the patchfile. patch(1) operates on untrusted input and it already pledge(2)'ed to not execute arbitrary programs, but of course it needs to write files. A simple unveil(".", "rwc") restricts patch(1) to its current working directory. We also need to allow /tmp and potentially the output file and reject file if given on the command line. But those paths are safe. input op, deraadt OK millert, sthen
2023-07-14Set extended keys flag again after reset, from Eric T Johnson.Nicholas Marriott
2023-07-14Check if the OWN bit of Tx descriptor instead of Rx descriptor is setKevin Lo
in rtwn_tx(). Because definitions of R92C_TXDW0_OWN and R92C_RXDW0_OWN are the same, no functional change. ok stsp@
2023-07-14Cleanup mrt message handling. Remove the DUMP_XYZ() macros and replaceClaudio Jeker
them with direct calls to for example ibuf_add_n16(). Further cleanup the error handling and use goto fail in most places. Remove many of the error messages and combine all the possible ibuf errors in one place. For this remove most warnings from internal functions (also mark all internal helper functions with static to make that more obvious). There are still some cases where an error will result in to warnings but those errors are unreachable in normal operations. OK tb@
2023-07-14Include stdint.h for SIZE_MAX. Fixes OPENSSL=no build.Darren Tucker
2023-07-14Do not ignore the AF_LINK entries of carp(4) interfaces.Gerhard Roth
OK kn@
2023-07-14struct sleep_state is no longer used, remove it.Claudio Jeker
Also remove the priority argument to sleep_finish() the code can use the p_flag P_SINTR flag to know if the signal check is needed or not. OK cheloha@ kettenis@ mpi@
2023-07-14add defence-in-depth checks for some unreachable integer overflowsDamien Miller
reported by Yair Mizrahi @ JFrog; feedback/ok millert@
2023-07-13Refactor ASN1_item_sign_ctx()Theo Buehler
Oh, joy! The muppets had a feast: they could combine the horrors of EVP with X.509... Return values between -1 and 3 indicating how much work needs to be done, depending on whether methods are present or absent. Needless to say that RSA and EdDSA had inconsistent return values until recently. Instead of interleaving if/else branches, split out two helper functions that do essentially independent things, which results in something that isn't entirely bad. Well, at least not compared to the surrounding code. asn1_item_set_algorithm_identifiers() extracts the signature algorithm from the digest and pkey if known, and sets it on the two X509_ALGOR that may or may not have been passed in. asn1_item_sign() converts data into der and signs. Of course there were also a few leaks and missing error checks. ok jsing
2023-07-13bcmp(3) tries to return length, which is a size_t, as an int.Todd C. Miller
Instead, just return 1 if there is a difference, else 0. Fixed by ray@ in 2008 but the libkern version was not synced. OK deraadt@
2023-07-13- use IS_ELF() to check the ELF magic bytesJasper Lievisse Adriaanse
- reject non-sensical program header values which would result in a crash when accessing the 0 bytes sized buffer allocated due to it ok deraadt@ kettenis@
2023-07-13vmd(8): pull validation into local prefix parser.Dave Voutila
Validation for local prefixes, both inet and inet6, was scattered around. To make it even more confusing, vmd was using generic address parsing logic from prior network daemons. vmd doesn't need to parse addresses other than when parsing the local prefix settings in vm.conf and no runtime parsing is needed. This change merges parsing and validation based on vmd's specific needs for local prefixes (e.g. reserving enough bits for vm id and network interface id encoding in an ipv4 address). In addition, it simplifies the struct from a generic address struct to one focused on just storing the v4 and v6 prefixes and masks. This cleans up an unused TAILQ struct member that isn't used by vmd and was leftover copy-pasta from those prior daemons. The address parsing that vmd uses is also updated to using the latest logic in bgpd(8). ok mlarkin@
2023-07-13Check input before trying to disable a non-existing daemon to prevent parsingAntoine Jacoutot
bogus characters and outputing hell on the console. based on an initial submission from Anthony Coulter, thanks!
2023-07-13Use the deep idle state available on Apple M1/M2 cores in the idle loop andMark Kettenis
for suspend. This state makes the CPU lose some of its register state so we need to save these registers before putting the core to sleep and restore them when we wake up. This deep idle state has a higher wakeup latency than the normal WFI idle state. Use similar logic as acpucpu(4) to decide which idle state to pick. If some cores of a cluster are in this deep idle state, turbo states become available to the cores that remain active. So stop skipping these states. This improves single-core performance a little bit. The main win is in power savings when running in a state with a high clock frequency. My M2 Pro mini goes from 14W to 6.5W when idle at the maximum clock frequency. But event at the lowest clock frequency there are small but significant power savings. ok deraadt@, tobhe@
2023-07-13Change function definitions using the identifier-list form used in theJonathan Gray
1st edition of Kernighan and Ritchie's The C Programming Language, to that of the parameter-type-list form described in the ANSI X3.159-1989 standard. In ISO/IEC 9899:2023 drafts, there is only one form of function definition. "N2432 Remove support for function definitions with identifier lists".
2023-07-13Use 8 for underscore colour defaults instead of 0 which is lessNicholas Marriott
confusing, and fix writing tge default colour. GitHub issue 3627.
2023-07-12validate alignment of ELF program headersJasper Lievisse Adriaanse
2023-07-12address incomplete validation of ELF program headers in execve(2) which ↵Jasper Lievisse Adriaanse
could lead to a panic in vmcmd_map_readvn() with a malformed binary/interpreter. original crash found with Melkor, additional validation provided by guenther@. ok kettenis@ guenther@ deraadt@
2023-07-12GPROF: sleep_state: disable _mcount() across suspend/resumeScott Soule Cheloha
Something in the amd64 resume path doesn't agree with _mcount(), so suspend/resume always fails if gmoninit is non-zero. It would be nice if GPROF kernels didn't crash during resume. In sleep_state(), (1) clear gmoninit after sched_stop_secondary_cpus() so the primary CPU isn't racing sysctl(2) on another CPU, and (2) restore gmoninit just after resume_mp() so the secondary CPUs are out of cpu_hatch() and away from whatever is causing the crash before _mcount() is reenabled. Lots of input from claudio@, deraadt@, and kettenis@. Thread 1: https://marc.info/?l=openbsd-tech&m=168721453821801&w=2 Thread 2: https://marc.info/?l=openbsd-tech&m=168892518722935&w=2 ok kettenis@ deraadt@
2023-07-12Add test which consistently triggers the problem with test6_perms,Anton Lindqvist
omitting all other irrelevant files.
2023-07-12Report fork errors as this test is likely to hit the defaultAnton Lindqvist
kern.maxproc limit.
2023-07-12missing word; from thib4711Jason McIntyre
2023-07-12Fix solock()/sounlock() usage.Vitaliy Makkoveev
This time solock() doesn't return value and sounlock() hasn't second parameter. Bi-directional Forwarding Detection is disabled by default, so it was forgotten when solock()/sounlock() were changed. Build test done with BFD option. ok phessler claudio
2023-07-12Don't run off the end of path if it ends in /.Florian Obser
OK op, sthen
2023-07-12basename(3) can fail, prevent segfault in strlen(3).Florian Obser
OK tb, sthen
2023-07-12Add regress test to check for bad attribute lenght for optional transitiveClaudio Jeker
attributes.
2023-07-12Update rde_community_test after the major change in how attributes andClaudio Jeker
communities are written.
2023-07-12Update OpenBGPD to use new ibuf API.Claudio Jeker
This replaces the old way of using a static buffer and a len to build UPDATEs with a pure ibuf solution. The result is much cleaner and a lot of almost duplicate code can be removed because often a version for ibufs and one for this static buffer was implemented (e.g. for mrt or bgpctl). With and OK tb@
2023-07-12Work around use after free in httpd(8)Theo Buehler
A malformed HTTP request can cause httpd in fastcgi mode to crash due to a use-after-free. This is an awful hack, but it's good enough until someone figures out the correct way of dealing with server_close() here. "this will do the trick for now" claudio ok beck deraadt