sync code with last improvements from OpenBSD

gnu/usr.sbin/mkhybrid/src/desktop.c

@@ -36,6 +36,8 @@
 /* from "data.h" - libhfs routines */
 void d_putw(unsigned char *, short);
 void d_putl(unsigned char *, long);
+/* from volume.c */
+void write_fork(hfsfile *, long);
 
 extern hce_mem *hce;		/* libhfs/mkisofs extras */
 

gnu/usr.sbin/mkhybrid/src/mac_label.c

@@ -24,6 +24,9 @@
 #include "mac_label_proto.h"
 #include <mac_label.h>
 
+/* from libhfs_iso/data.h */
+short d_getw(unsigned char *);
+
 int
 gen_mac_label(defer *mac_boot)
 {

gnu/usr.sbin/mkhybrid/src/volume.c

@@ -19,6 +19,11 @@
 #include "write.h"
 #include <errno.h>
 
+/* from desktop.c */
+int make_desktop(hfsvol *, int);
+/* from libhfs_iso/hfs.c */
+void hfs_vsetbless(hfsvol *, unsigned long);
+
 static hfsvol *vol_save = 0;	/* used to "destroy" an HFS volume */
 
 int DECL(copy_to_mac_vol, (hfsvol *, struct directory *));

lib/libcrypto/man/EVP_DigestInit.3

@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_DigestInit.3,v 1.29 2023/08/27 15:33:08 schwarze Exp $
+.\" $OpenBSD: EVP_DigestInit.3,v 1.30 2023/09/07 14:22:11 schwarze Exp $
 .\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000
 .\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
 .\"
@@ -70,7 +70,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 27 2023 $
+.Dd $Mdocdate: September 7 2023 $
 .Dt EVP_DIGESTINIT 3
 .Os
 .Sh NAME
@@ -81,10 +81,6 @@
 .Nm EVP_MD_CTX_create ,
 .Nm EVP_MD_CTX_cleanup ,
 .Nm EVP_MD_CTX_destroy ,
-.Nm EVP_MD_CTX_ctrl ,
-.Nm EVP_MD_CTX_set_flags ,
-.Nm EVP_MD_CTX_clear_flags ,
-.Nm EVP_MD_CTX_test_flags ,
 .Nm EVP_DigestInit_ex ,
 .Nm EVP_DigestUpdate ,
 .Nm EVP_DigestFinal_ex ,
@@ -94,18 +90,7 @@
 .Nm EVP_DigestFinal ,
 .Nm EVP_MD_CTX_copy ,
 .Nm EVP_MAX_MD_SIZE ,
-.Nm EVP_MD_type ,
-.Nm EVP_MD_pkey_type ,
-.Nm EVP_MD_size ,
-.Nm EVP_MD_block_size ,
-.Nm EVP_MD_flags ,
 .Nm EVP_MD_CTX_md ,
-.Nm EVP_MD_CTX_size ,
-.Nm EVP_MD_CTX_block_size ,
-.Nm EVP_MD_CTX_type ,
-.Nm EVP_MD_CTX_md_data ,
-.Nm EVP_MD_CTX_pkey_ctx ,
-.Nm EVP_MD_CTX_set_pkey_ctx ,
 .Nm EVP_md_null ,
 .Nm EVP_sha224 ,
 .Nm EVP_sha256 ,
@@ -145,28 +130,6 @@
 .Fa "EVP_MD_CTX *ctx"
 .Fc
 .Ft int
-.Fo EVP_MD_CTX_ctrl
-.Fa "EVP_MD_CTX *ctx"
-.Fa "int command"
-.Fa "int p1"
-.Fa "void* p2"
-.Fc
-.Ft void
-.Fo EVP_MD_CTX_set_flags
-.Fa "EVP_MD_CTX *ctx"
-.Fa "int flags"
-.Fc
-.Ft void
-.Fo EVP_MD_CTX_clear_flags
-.Fa "EVP_MD_CTX *ctx"
-.Fa "int flags"
-.Fc
-.Ft int
-.Fo EVP_MD_CTX_test_flags
-.Fa "const EVP_MD_CTX *ctx"
-.Fa "int flags"
-.Fc
-.Ft int
 .Fo EVP_DigestInit_ex
 .Fa "EVP_MD_CTX *ctx"
 .Fa "const EVP_MD *type"
@@ -215,55 +178,10 @@
 .Fa "EVP_MD_CTX *in"
 .Fc
 .Fd #define EVP_MAX_MD_SIZE 64	/* SHA512 */
-.Ft int
-.Fo EVP_MD_type
-.Fa "const EVP_MD *md"
-.Fc
-.Ft int
-.Fo EVP_MD_pkey_type
-.Fa "const EVP_MD *md"
-.Fc
-.Ft int
-.Fo EVP_MD_size
-.Fa "const EVP_MD *md"
-.Fc
-.Ft int
-.Fo EVP_MD_block_size
-.Fa "const EVP_MD *md"
-.Fc
-.Ft unsigned long
-.Fo EVP_MD_flags
-.Fa "const EVP_MD *md"
-.Fc
 .Ft const EVP_MD *
 .Fo EVP_MD_CTX_md
 .Fa "const EVP_MD_CTX *ctx"
 .Fc
-.Ft int
-.Fo EVP_MD_CTX_size
-.Fa "const EVP_MD_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_MD_CTX_block_size
-.Fa "const EVP_MD_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_MD_CTX_type
-.Fa "const EVP_MD_CTX *ctx"
-.Fc
-.Ft void *
-.Fo EVP_MD_CTX_md_data
-.Fa "const EVP_MD_CTX *ctx"
-.Fc
-.Ft EVP_PKEY_CTX *
-.Fo EVP_MD_CTX_pkey_ctx
-.Fa "const EVP_MD_CTX *ctx"
-.Fc
-.Ft void
-.Fo EVP_MD_CTX_set_pkey_ctx
-.Fa "EVP_MD_CTX *ctx"
-.Fa "EVP_PKEY_CTX *pctx"
-.Fc
 .Ft const EVP_MD *
 .Fn EVP_md_null void
 .Ft const EVP_MD *
@@ -329,70 +247,6 @@ and
 .Fn EVP_MD_CTX_free ,
 respectively.
 .Pp
-.Fn EVP_MD_CTX_ctrl
-performs the digest-specific control
-.Fa command
-with the command-specific arguments
-.Fa p1
-and
-.Fa p2
-on
-.Fa ctx ,
-which needs to already be set up with
-.Fn EVP_DigestInit_ex
-before calling this function.
-Other restrictions may apply depending on the control
-.Fa command
-and digest implementation.
-.Pp
-If the
-.Fa command
-is
-.Dv EVP_MD_CTRL_MICALG ,
-.Fa p1
-is ignored and
-.Fa p2
-is an output argument of the type
-.Fa "char **p2" .
-A string specifying the digest Message Integrity Check algorithm
-is allocated and a pointer to this string is returned in
-.Pf * Fa p2 .
-It is the responsibility of the caller to
-.Xr free 3
-.Pf * Fa p2
-when it is no longer needed.
-This
-.Fa command
-is used by
-.Xr SMIME_write_ASN1 3
-when creating S/MIME multipart/signed messages as specified in RFC 3851.
-.Pp
-.Fn EVP_MD_CTX_set_flags
-sets and
-.Fn EVP_MD_CTX_clear_flags
-clears all the flag bits in
-.Fa ctx
-that are set in the
-.Fa flags
-argument.
-.Fn EVP_MD_CTX_test_flags
-tests which of the flag bits that are set in the
-.Fa flags
-argument are also set in
-.Fa ctx .
-Possible flag bits are:
-.Bl -tag -width Ds -offset 2n
-.It Dv EVP_MD_CTX_FLAG_NO_INIT
-Instruct
-.Fn EVP_DigestInit_ex
-and functions calling it not to initialise the internal data
-that is specific to the digest method and its implementation.
-.It Dv EVP_MD_CTX_FLAG_ONESHOT
-Instruct the digest to optimize for one update only, if possible.
-For digest algorithms built into the library, this flag usually
-has no effect.
-.El
-.Pp
 .Fn EVP_DigestInit_ex
 sets up the digest context
 .Fa ctx
@@ -505,111 +359,6 @@ except that it requires
 before a context that was already used can be passed as
 .Fa out .
 .Pp
-.Fn EVP_MD_size
-and
-.Fn EVP_MD_CTX_size
-return the size of the message digest when passed an
-.Vt EVP_MD
-or an
-.Vt EVP_MD_CTX
-structure, i.e. the size of the hash.
-.Pp
-.Fn EVP_MD_block_size
-and
-.Fn EVP_MD_CTX_block_size
-return the block size of the message digest when passed an
-.Vt EVP_MD
-or an
-.Vt EVP_MD_CTX
-structure.
-.Pp
-.Fn EVP_MD_type
-and
-.Fn EVP_MD_CTX_type
-return the NID of the OBJECT IDENTIFIER representing the message digest.
-For example
-.Fn EVP_MD_type EVP_sha512()
-returns
-.Dv NID_sha512 .
-These functions are normally used when setting ASN.1 OIDs.
-.Pp
-.Fn EVP_MD_CTX_md_data
-returns the digest method private data of
-.Fa ctx .
-The space was allocated and its size set with
-.Xr EVP_MD_meth_set_app_datasize 3 .
-.Pp
-.Fn EVP_MD_flags
-returns the
-.Fa md
-flags.
-These are different from the
-.Vt EVP_MD_CTX
-ones.
-See
-.Xr EVP_MD_meth_set_flags 3
-for more information.
-.Pp
-.Fn EVP_MD_pkey_type
-returns the NID of the public key signing algorithm associated with this
-digest.
-For example
-.Fn EVP_sha512
-is associated with RSA so this will return
-.Dv NID_sha512WithRSAEncryption .
-Since digests and signature algorithms are no longer linked, this
-function is only retained for compatibility reasons.
-.Pp
-.Fn EVP_MD_CTX_pkey_ctx
-returns the
-.Vt EVP_PKEY_CTX
-assigned to
-.Fa ctx .
-The returned pointer should not be freed by the caller.
-.Pp
-.Fn EVP_MD_CTX_set_pkey_ctx
-assigns
-.Fa pctx
-to
-.Fa ctx .
-This is normally used to provide a customized
-.Vt EVP_PKEY_CTX
-to
-.Xr EVP_DigestSignInit 3
-or
-.Xr EVP_DigestVerifyInit 3 .
-The caller retains ownership of the
-.Fa pctx
-passed to this function and is responsible for freeing it
-when it is no longer needed.
-.Pp
-If the
-.Fa ctx
-already contains a
-.Vt EVP_PKEY_CTX
-when this function is called, that old
-.Vt EVP_PKEY_CTX
-is freed if it was created internally, but if it was also installed with
-.Fn EVP_MD_CTX_set_pkey_ctx ,
-the pointer to the old
-.Vt EVP_PKEY_CTX
-is merely replaced by the new pointer and ownership of the old
-.Vt EVP_PKEY_CTX
-remains with the previous caller.
-.Pp
-Passing a
-.Dv NULL
-pointer for the
-.Fa pctx
-argument is also allowed.
-In that case, any
-.Vt EVP_PKEY_CTX
-already assigned to
-.Fa ctx
-is dissociated from it as described above, but no new
-.Vt EVP_PKEY_CTX
-is assigned.
-.Pp
 .Fn EVP_sha224 ,
 .Fn EVP_sha256 ,
 .Fn EVP_sha384 ,
@@ -642,10 +391,7 @@ return an
 structure when passed a digest name, a digest NID, or an ASN1_OBJECT
 structure respectively.
 .Pp
-.Fn EVP_MD_CTX_size ,
-.Fn EVP_MD_CTX_block_size ,
-.Fn EVP_MD_CTX_type ,
-.Fn EVP_get_digestbynid ,
+.Fn EVP_get_digestbynid
 and
 .Fn EVP_get_digestbyobj
 are implemented as macros.
@@ -693,7 +439,6 @@ and
 .Fn EVP_MD_CTX_cleanup
 always return 1.
 .Pp
-.Fn EVP_MD_CTX_ctrl ,
 .Fn EVP_DigestInit_ex ,
 .Fn EVP_DigestUpdate ,
 .Fn EVP_DigestFinal_ex ,
@@ -705,27 +450,6 @@ and
 .Fn EVP_MD_CTX_copy
 return 1 for success or 0 for failure.
 .Pp
-.Fn EVP_MD_CTX_test_flags
-returns the bitwise OR of the
-.Fa flags
-argument and the flags set in
-.Fa ctx .
-.Pp
-.Fn EVP_MD_type ,
-.Fn EVP_MD_pkey_type ,
-and
-.Fn EVP_MD_CTX_type
-return the NID of the corresponding OBJECT IDENTIFIER or
-.Dv NID_undef
-if none exists.
-.Pp
-.Fn EVP_MD_size ,
-.Fn EVP_MD_block_size ,
-.Fn EVP_MD_CTX_size ,
-and
-.Fn EVP_MD_CTX_block_size
-return the digest or block size in bytes.
-.Pp
 .Fn EVP_MD_CTX_md
 returns the
 .Vt EVP_MD
@@ -805,7 +529,9 @@ main(int argc, char *argv[])
 .Xr EVP_BytesToKey 3 ,
 .Xr EVP_DigestSignInit 3 ,
 .Xr EVP_DigestVerifyInit 3 ,
+.Xr EVP_MD_CTX_ctrl 3 ,
 .Xr EVP_MD_meth_new 3 ,
+.Xr EVP_MD_nid 3 ,
 .Xr EVP_PKEY_CTX_set_signature_md 3 ,
 .Xr EVP_PKEY_meth_set_signctx 3 ,
 .Xr EVP_sha1 3 ,
@@ -829,24 +555,14 @@ main(int argc, char *argv[])
 and
 .Dv EVP_MAX_MD_SIZE
 first appeared in SSLeay 0.5.1.
-.Fn EVP_MD_size
-first appeared in SSLeay 0.6.6.
-.Fn EVP_MD_CTX_size ,
-.Fn EVP_MD_CTX_type ,
-.Fn EVP_md_null ,
+.Fn EVP_md_null
 and
 .Fn EVP_get_digestbyname
 first appeared in SSLeay 0.8.0.
-.Fn EVP_MD_type ,
-.Fn EVP_MD_pkey_type ,
-.Fn EVP_get_digestbynid ,
+.Fn EVP_get_digestbynid
 and
 .Fn EVP_get_digestbyobj
 first appeared in SSLeay 0.8.1.
-.Fn EVP_MD_block_size ,
-.Fn EVP_MD_CTX_size ,
-.Fn EVP_MD_CTX_block_size ,
-and
 .Fn EVP_ripemd160
 first appeared in SSLeay 0.9.0.
 All these functions have been available since
@@ -864,9 +580,6 @@ first appeared in OpenSSL 0.9.5 and has been available since
 .Fn EVP_MD_CTX_create ,
 .Fn EVP_MD_CTX_cleanup ,
 .Fn EVP_MD_CTX_destroy ,
-.Fn EVP_MD_CTX_set_flags ,
-.Fn EVP_MD_CTX_clear_flags ,
-.Fn EVP_MD_CTX_test_flags ,
 .Fn EVP_DigestInit_ex ,
 .Fn EVP_DigestFinal_ex ,
 .Fn EVP_Digest ,
@@ -884,15 +597,6 @@ first appeared in OpenSSL 0.9.7h and 0.9.8a
 and have been available since
 .Ox 4.0 .
 .Pp
-.Fn EVP_MD_flags
-first appeared in OpenSSL 1.0.0
-and has been available since
-.Ox 4.9 .
-.Pp
-.Fn EVP_MD_CTX_ctrl
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 5.7 .
-.Pp
 .Fn EVP_MD_CTX_new ,
 .Fn EVP_MD_CTX_reset ,
 and
@@ -900,15 +604,6 @@ and
 first appeared in OpenSSL 1.1.0 and have been available since
 .Ox 6.3 .
 .Pp
-.Fn EVP_MD_CTX_md_data
-and
-.Fn EVP_MD_CTX_pkey_ctx
-first appeared in OpenSSL 1.1.0 and
-.Fn EVP_MD_CTX_set_pkey_ctx
-in OpenSSL 1.1.1.
-These functions have been available since
-.Ox 7.1 .
-.Pp
 .Fn EVP_sha512_224
 and
 .Fn EVP_sha512_256

lib/libcrypto/man/EVP_MD_CTX_ctrl.3

@@ -0,0 +1,274 @@
+.\" $OpenBSD: EVP_MD_CTX_ctrl.3,v 1.1 2023/09/07 14:22:11 schwarze Exp $
+.\" full merge up to: OpenSSL man3/EVP_DigestInit.pod
+.\" 24a535ea Sep 22 13:14:20 2020 +0100
+.\"
+.\" This file is a derived work.
+.\" The changes are covered by the following Copyright and license:
+.\"
+.\" Copyright (c) 2023 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" The original file was written by Richard Levitte <levitte@openssl.org>,
+.\" Todd Short <tshort@akamai.com>, Paul Yang <yang.yang@baishancloud.com>,
+.\" and Antoine Salon <asalon@vmware.com>.
+.\" Copyright (c) 2015, 2016, 2018, 2019 The OpenSSL Project.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in
+.\"    the documentation and/or other materials provided with the
+.\"    distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\"    software must display the following acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\"    endorse or promote products derived from this software without
+.\"    prior written permission. For written permission, please contact
+.\"    openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\"    nor may "OpenSSL" appear in their names without prior written
+.\"    permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\"    acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: September 7 2023 $
+.Dt EVP_MD_CTX_CTRL 3
+.Os
+.Sh NAME
+.Nm EVP_MD_CTX_ctrl ,
+.Nm EVP_MD_CTX_set_flags ,
+.Nm EVP_MD_CTX_clear_flags ,
+.Nm EVP_MD_CTX_test_flags ,
+.Nm EVP_MD_CTX_pkey_ctx ,
+.Nm EVP_MD_CTX_set_pkey_ctx ,
+.Nm EVP_MD_CTX_md_data
+.Nd configure EVP message digest contexts
+.Sh SYNOPSIS
+.In openssl/evp.h
+.Ft int
+.Fo EVP_MD_CTX_ctrl
+.Fa "EVP_MD_CTX *ctx"
+.Fa "int command"
+.Fa "int p1"
+.Fa "void* p2"
+.Fc
+.Ft void
+.Fo EVP_MD_CTX_set_flags
+.Fa "EVP_MD_CTX *ctx"
+.Fa "int flags"
+.Fc
+.Ft void
+.Fo EVP_MD_CTX_clear_flags
+.Fa "EVP_MD_CTX *ctx"
+.Fa "int flags"
+.Fc
+.Ft int
+.Fo EVP_MD_CTX_test_flags
+.Fa "const EVP_MD_CTX *ctx"
+.Fa "int flags"
+.Fc
+.Ft EVP_PKEY_CTX *
+.Fo EVP_MD_CTX_pkey_ctx
+.Fa "const EVP_MD_CTX *ctx"
+.Fc
+.Ft void
+.Fo EVP_MD_CTX_set_pkey_ctx
+.Fa "EVP_MD_CTX *ctx"
+.Fa "EVP_PKEY_CTX *pctx"
+.Fc
+.Ft void *
+.Fo EVP_MD_CTX_md_data
+.Fa "const EVP_MD_CTX *ctx"
+.Fc
+.Sh DESCRIPTION
+.Fn EVP_MD_CTX_ctrl
+performs the digest-specific control
+.Fa command
+with the command-specific arguments
+.Fa p1
+and
+.Fa p2
+on
+.Fa ctx ,
+which needs to already be set up with
+.Xr EVP_DigestInit_ex 3
+before calling this function.
+Other restrictions may apply depending on the control
+.Fa command
+and digest implementation.
+.Pp
+If the
+.Fa command
+is
+.Dv EVP_MD_CTRL_MICALG ,
+.Fa p1
+is ignored and
+.Fa p2
+is an output argument of the type
+.Fa "char **p2" .
+A string specifying the digest Message Integrity Check algorithm
+is allocated and a pointer to this string is returned in
+.Pf * Fa p2 .
+It is the responsibility of the caller to
+.Xr free 3
+.Pf * Fa p2
+when it is no longer needed.
+This
+.Fa command
+is used by
+.Xr SMIME_write_ASN1 3
+when creating S/MIME multipart/signed messages as specified in RFC 3851.
+.Pp
+.Fn EVP_MD_CTX_set_flags
+sets and
+.Fn EVP_MD_CTX_clear_flags
+clears all the flag bits in
+.Fa ctx
+that are set in the
+.Fa flags
+argument.
+.Fn EVP_MD_CTX_test_flags
+tests which of the flag bits that are set in the
+.Fa flags
+argument are also set in
+.Fa ctx .
+Possible flag bits are:
+.Bl -tag -width Ds -offset 2n
+.It Dv EVP_MD_CTX_FLAG_NO_INIT
+Instruct
+.Xr EVP_DigestInit_ex 3
+and functions calling it not to initialise the internal data
+that is specific to the digest method and its implementation.
+.It Dv EVP_MD_CTX_FLAG_ONESHOT
+Instruct the digest to optimize for one update only, if possible.
+For digest algorithms built into the library, this flag usually
+has no effect.
+.El
+.Pp
+.Fn EVP_MD_CTX_pkey_ctx
+returns the
+.Vt EVP_PKEY_CTX
+assigned to
+.Fa ctx .
+The returned pointer should not be freed by the caller.
+.Pp
+.Fn EVP_MD_CTX_set_pkey_ctx
+assigns
+.Fa pctx
+to
+.Fa ctx .
+This is normally used to provide a customized
+.Vt EVP_PKEY_CTX
+to
+.Xr EVP_DigestSignInit 3
+or
+.Xr EVP_DigestVerifyInit 3 .
+The caller retains ownership of the
+.Fa pctx
+passed to this function and is responsible for freeing it
+when it is no longer needed.
+.Pp
+If the
+.Fa ctx
+already contains a
+.Vt EVP_PKEY_CTX
+when this function is called, that old
+.Vt EVP_PKEY_CTX
+is freed if it was created internally, but if it was also installed with
+.Fn EVP_MD_CTX_set_pkey_ctx ,
+the pointer to the old
+.Vt EVP_PKEY_CTX
+is merely replaced by the new pointer and ownership of the old
+.Vt EVP_PKEY_CTX
+remains with the previous caller.
+.Pp
+Passing a
+.Dv NULL
+pointer for the
+.Fa pctx
+argument is also allowed.
+In that case, any
+.Vt EVP_PKEY_CTX
+already assigned to
+.Fa ctx
+is dissociated from it as described above, but no new
+.Vt EVP_PKEY_CTX
+is assigned.
+.Pp
+.Fn EVP_MD_CTX_md_data
+returns the digest method private data of
+.Fa ctx .
+The space was allocated and its size set with
+.Xr EVP_MD_meth_set_app_datasize 3 .
+.Sh RETURN VALUES
+.Fn EVP_MD_CTX_ctrl
+returns 1 for success or 0 for failure.
+.Pp
+.Fn EVP_MD_CTX_test_flags
+returns the bitwise OR of the
+.Fa flags
+argument and the flags set in
+.Fa ctx .
+.Sh SEE ALSO
+.Xr evp 3 ,
+.Xr EVP_DigestInit 3 ,
+.Xr EVP_MD_meth_new 3 ,
+.Xr EVP_MD_nid 3
+.Sh HISTORY
+.Fn EVP_MD_CTX_set_flags ,
+.Fn EVP_MD_CTX_clear_flags ,
+and
+.Fn EVP_MD_CTX_test_flags ,
+first appeared in OpenSSL 0.9.7 and have been available since
+.Ox 3.2 .
+.Pp
+.Fn EVP_MD_CTX_ctrl
+first appeared in OpenSSL 1.1.0 and has been available since
+.Ox 5.7 .
+.Pp
+.Fn EVP_MD_CTX_pkey_ctx
+and
+.Fn EVP_MD_CTX_md_data
+first appeared in OpenSSL 1.1.0 and
+.Fn EVP_MD_CTX_set_pkey_ctx
+in OpenSSL 1.1.1.
+These functions have been available since
+.Ox 7.1 .

lib/libcrypto/man/EVP_MD_nid.3

@@ -0,0 +1,265 @@
+.\" $OpenBSD: EVP_MD_nid.3,v 1.3 2023/09/07 16:32:41 schwarze Exp $
+.\" full merge up to: OpenSSL man3/EVP_DigestInit.pod
+.\" 24a535ea Sep 22 13:14:20 2020 +0100
+.\"
+.\" This file is a derived work.
+.\" The changes are covered by the following Copyright and license:
+.\"
+.\" Copyright (c) 2023 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>
+.\" and Antoine Salon <asalon@vmware.com>.
+.\" Copyright (c) 2000, 2012, 2019 The OpenSSL Project.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in
+.\"    the documentation and/or other materials provided with the
+.\"    distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\"    software must display the following acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\"    endorse or promote products derived from this software without
+.\"    prior written permission. For written permission, please contact
+.\"    openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\"    nor may "OpenSSL" appear in their names without prior written
+.\"    permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\"    acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: September 7 2023 $
+.Dt EVP_MD_NID 3
+.Os
+.Sh NAME
+.Nm EVP_MD_nid ,
+.Nm EVP_MD_type ,
+.Nm EVP_MD_CTX_type ,
+.Nm EVP_MD_name ,
+.Nm EVP_MD_size ,
+.Nm EVP_MD_CTX_size ,
+.Nm EVP_MD_block_size ,
+.Nm EVP_MD_CTX_block_size ,
+.Nm EVP_MD_flags ,
+.Nm EVP_MD_pkey_type
+.Nd inspect EVP_MD objects
+.Sh SYNOPSIS
+.In openssl/evp.h
+.Ft int
+.Fo EVP_MD_nid
+.Fa "const EVP_MD *md"
+.Fc
+.Ft int
+.Fo EVP_MD_type
+.Fa "const EVP_MD *md"
+.Fc
+.Ft int
+.Fo EVP_MD_CTX_type
+.Fa "const EVP_MD_CTX *ctx"
+.Fc
+.Ft const char *
+.Fo EVP_MD_name
+.Fa "const EVP_MD *md"
+.Fc
+.Ft int
+.Fo EVP_MD_size
+.Fa "const EVP_MD *md"
+.Fc
+.Ft int
+.Fo EVP_MD_CTX_size
+.Fa "const EVP_MD_CTX *ctx"
+.Fc
+.Ft int
+.Fo EVP_MD_block_size
+.Fa "const EVP_MD *md"
+.Fc
+.Ft int
+.Fo EVP_MD_CTX_block_size
+.Fa "const EVP_MD_CTX *ctx"
+.Fc
+.Ft unsigned long
+.Fo EVP_MD_flags
+.Fa "const EVP_MD *md"
+.Fc
+.Ft int
+.Fo EVP_MD_pkey_type
+.Fa "const EVP_MD *md"
+.Fc
+.Sh DESCRIPTION
+.Fn EVP_MD_nid
+and
+.Fn EVP_MD_type
+are identical and return the numerical identifier (NID) of
+.Fa md .
+The NID is an internal value which may or may not have
+a corresponding ASN.1 OBJECT IDENTIFIER; see
+.Xr OBJ_nid2obj 3
+for details.
+For example ,
+.Fn EVP_MD_type EVP_sha512()
+returns
+.Dv NID_sha512 .
+.Fn EVP_MD_CTX_type
+returns the NID of the message digest algorithm that
+.Fa ctx
+is configured to use.
+These functions are normally used when setting ASN.1 OIDs.
+.Pp
+.Fn EVP_MD_name
+converts the NID of
+.Fa md
+to its short name with
+.Xr OBJ_nid2sn 3 .
+.Pp
+.Fn EVP_MD_size
+returns the size in bytes of the message digests (hashes) produced by
+.Fa md .
+.Fn EVP_MD_CTX_size
+return the size of the hashes produced by the message digest algorithm that
+.Fa ctx
+is configured to use.
+.Pp
+.Fn EVP_MD_block_size
+returns the block size in bytes of
+.Fa md .
+.Fn EVP_MD_CTX_block_size
+returns the block size of the message digest algorithm that
+.Fa ctx
+is configured to use.
+.Pp
+.Fn EVP_MD_flags
+returns the message digest flags used by
+.Fa md .
+The meaning of the flags is described in the
+.Xr EVP_MD_meth_set_flags 3
+manual page.
+Be careful to not confuse these flags with the unrelated
+message digest context flags that can be inspected with
+.Xr EVP_MD_CTX_test_flags 3 .
+.Pp
+.Fn EVP_MD_pkey_type
+returns the NID of the public key signing algorithm associated with this
+digest.
+For example,
+.Xr EVP_sha512 3
+is associated with RSA, so this returns
+.Dv NID_sha512WithRSAEncryption .
+Since digests and signature algorithms are no longer linked, this
+function is only retained for compatibility reasons.
+.Pp
+.Fn EVP_MD_nid ,
+.Fn EVP_MD_CTX_type ,
+.Fn EVP_MD_name ,
+.Fn EVP_MD_CTX_size ,
+and
+.Fn EVP_MD_CTX_block_size
+are implemented as macros.
+.Sh RETURN VALUES
+.Fn EVP_MD_nid ,
+.Fn EVP_MD_type ,
+.Fn EVP_MD_CTX_type ,
+and
+.Fn EVP_MD_pkey_type
+return the NID of the corresponding OBJECT IDENTIFIER or
+.Dv NID_undef
+if none exists.
+.Pp
+.Fn EVP_MD_name
+returns a pointer to a string
+that is owned by an internal library object or
+.Dv NULL
+if the NID is neither built into the library nor added to the global
+object table by one of the functions documented in the manual page
+.Xr OBJ_create 3 ,
+or if the object does not contain a short name.
+.Pp
+.Fn EVP_MD_size ,
+.Fn EVP_MD_CTX_size ,
+.Fn EVP_MD_block_size ,
+and
+.Fn EVP_MD_CTX_block_size
+return the digest or block size in bytes.
+.Sh SEE ALSO
+.Xr evp 3 ,
+.Xr EVP_DigestInit 3 ,
+.Xr EVP_MD_CTX_ctrl 3 ,
+.Xr OBJ_nid2obj 3
+.Sh HISTORY
+.Fn EVP_MD_size
+first appeared in SSLeay 0.6.6,
+.Fn EVP_MD_CTX_size
+and
+.Fn EVP_MD_CTX_type
+in SSLeay 0.8.0,
+.Fn EVP_MD_type
+and
+.Fn EVP_MD_pkey_type
+in SSLeay 0.8.1, and
+.Fn EVP_MD_block_size
+and
+.Fn EVP_MD_CTX_block_size
+in SSLeay 0.9.0.
+All these functions have been available since
+.Ox 2.4 .
+.Pp
+.Fn EVP_MD_nid
+and
+.Fn EVP_MD_name
+first appeared in OpenSSL 0.9.7 and have been available since
+.Ox 3.2 .
+.Pp
+.Fn EVP_MD_flags
+first appeared in OpenSSL 1.0.0
+and has been available since
+.Ox 4.9 .
+.Sh CAVEATS
+The behaviour of the functions taking an
+.Vt EVP_MD_CTX
+argument is undefined if they are called on a
+.Fa ctx
+that has no message digest configured yet,
+for example one freshly returned from
+.Xr EVP_MD_CTX_new 3 .
+In that case, the program may for example be terminated by a
+.Dv NULL
+pointer access.

lib/libcrypto/man/Makefile

@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.266 2023/08/31 17:27:41 schwarze Exp $
+# $OpenBSD: Makefile,v 1.267 2023/09/07 14:22:11 schwarze Exp $
 
 .include <bsd.own.mk>
 
@@ -175,7 +175,9 @@ MAN=	\
 	EVP_DigestVerifyInit.3 \
 	EVP_EncodeInit.3 \
 	EVP_EncryptInit.3 \
+	EVP_MD_CTX_ctrl.3 \
 	EVP_MD_meth_new.3 \
+	EVP_MD_nid.3 \
 	EVP_OpenInit.3 \
 	EVP_PKCS82PKEY.3 \
 	EVP_PKEY_CTX_ctrl.3 \

lib/libcrypto/man/evp.3

@@ -1,4 +1,4 @@
-.\" $OpenBSD: evp.3,v 1.22 2023/08/31 17:27:41 schwarze Exp $
+.\" $OpenBSD: evp.3,v 1.23 2023/09/07 14:22:11 schwarze Exp $
 .\" full merge up to: OpenSSL man7/evp 24a535ea Sep 22 13:14:20 2020 +0100
 .\"
 .\" This file was written by Ulf Moeller <ulf@openssl.org>,
@@ -51,7 +51,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 31 2023 $
+.Dd $Mdocdate: September 7 2023 $
 .Dt EVP 3
 .Os
 .Sh NAME
@@ -211,7 +211,9 @@ operations are more efficient using the high-level interfaces.
 .Xr EVP_DigestVerifyInit 3 ,
 .Xr EVP_EncodeInit 3 ,
 .Xr EVP_EncryptInit 3 ,
+.Xr EVP_MD_CTX_ctrl 3 ,
 .Xr EVP_MD_meth_new 3 ,
+.Xr EVP_MD_nid 3 ,
 .Xr EVP_OpenInit 3 ,
 .Xr EVP_PKCS82PKEY 3 ,
 .Xr EVP_PKEY_add1_attr 3 ,

lib/libm/src/w_drem.c

@@ -8,8 +8,7 @@
 #include <math.h>
 
 double
-drem(x, y)
-	double x, y;
+drem(double x, double y)
 {
 	return remainder(x, y);
 }

share/man/man4/mcx.4

@@ -1,4 +1,4 @@
-.\" $OpenBSD: mcx.4,v 1.2 2019/05/04 15:57:20 jmc Exp $
+.\" $OpenBSD: mcx.4,v 1.3 2023/09/07 01:45:53 jsg Exp $
 .\"
 .\" Copyright (c) 2019 David Gwynne <dlg@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: May 4 2019 $
+.Dd $Mdocdate: September 7 2023 $
 .Dt MCX 4
 .Os
 .Sh NAME
@@ -37,6 +37,10 @@ ConnectX-4 EN
 ConnectX-5 EN
 .It
 ConnectX-6 EN
+.It
+ConnectX-6 Dx EN
+.It
+ConnectX-6 Lx EN
 .El
 .Sh SEE ALSO
 .Xr arp 4 ,

share/man/man5/bsd.port.mk.5

@@ -1,4 +1,4 @@
-.\" $OpenBSD: bsd.port.mk.5,v 1.612 2023/09/06 22:28:50 espie Exp $
+.\" $OpenBSD: bsd.port.mk.5,v 1.620 2023/09/07 17:26:14 espie Exp $
 .\"
 .\" Copyright (c) 2000-2008 Marc Espie
 .\"
@@ -24,7 +24,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: September 6 2023 $
+.Dd $Mdocdate: September 7 2023 $
 .Dt BSD.PORT.MK 5
 .Os
 .Sh NAME
@@ -1801,9 +1801,9 @@ If defined,
 .Nm
 will provide dummy values for variables mandatory for a minimally functional
 port.
-Used by
+Used by the
 .Pa sqlports
-and
+package and
 .Xr dpb 1
 to perform introspection and obtain
 .Nm Ns 's
@@ -1865,7 +1865,9 @@ and
 for other common issues).
 .Pp
 Note that setting fatal errors defeats all introspection mechanisms and breaks
-.Pa sqlports .
+the
+.Pa sqlports
+package.
 .Pp
 Tip: if you need to debug a fatal error, you can always override
 .Ev ERRORS
@@ -2541,9 +2543,9 @@ User settings.
 Location for built packages.
 Defaults to
 .Pa ${PORTSDIR}/packages .
-See
+See the
 .Cm package
-for details.
+target for details.
 .It Ev PARALLEL_MAKE_FLAGS
 Used when
 .Ev DPB_PROPERTIES
@@ -2665,6 +2667,10 @@ ports:
 .Bd -literal
 PATCH_LIST=${PORTSDIR}/x11/kde/libs2/patches/p-* patch-*
 .Ed
+.Pp
+But beware that minor variations will result in
+.Cm update-patches
+creating useless churn !
 .It Ev PATCH_STRIP
 Patch option used to strip directory levels while applying port's patches.
 Defaults to -p0.
@@ -2765,7 +2771,10 @@ as per default.
 Setting of env variable
 .Ev HOME
 for most shell invocations.
-Default will trip ports that try to write into $HOME while building.
+Default will trip ports that try to write into $HOME while building:
+non-existent
+.Pa /${PKGPATH}_writes_to_HOME/ .
+
 .It Ev PORTPATH
 Path used by most shell invocations.
 Don't override unless really needed.
@@ -2987,8 +2996,8 @@ and
 .Xr pkg_create 1
 to use their progress-meter even in the absence of a terminal.
 .It Ev PROPERTIES
-List of properties specific to a given machine architecture.
-Most often obtained through
+List of properties specific to a given machine architecture,
+obtained through the inclusion of
 .Xr bsd.port.arch.mk 5 .
 These can be checked like this
 .Bd -literal -offset indent
@@ -3187,11 +3196,22 @@ port.
 Porters of software using libtool should make sure
 .Ev MAKE_FLAGS
 get propagated to the libtool invocations.
-This should be enough in most cases.
+.Pp
+Most common build systems in the ports tree have been modified
+to handle this mechanism correctly.
 .It Ev SITE_BACKUP
 User settings.
 List of sites to try after normal master sites.
 Normally includes ${SITE_OPENBSD} and ${SITE_FREEBSD}.
+.Po
+For now the ports tree is transitioning from
+.Ev MASTER_SITES*
+to
+.Ev SITES*
+which means that
+.Ev MASTER_SITE_BACKUP
+should be set instead until the transition is complete.
+.Pc
 .It Ev SITE_*
 Lists of standard sites to retrieve files from, refer to
 .Pa ${PORTSDIR}/infrastructure/db/network.conf
@@ -3222,7 +3242,7 @@ See
 for details.
 Suffix should start with
 .Sq \&.
-for consistency.
+and be all lowercase for consistency.
 .It Ev SITES0 , ... , SITES9
 Supplementary locations from which distribution files and patchfiles are
 retrieved (deprecated).
@@ -3362,14 +3382,13 @@ in
 the ports tree will only invoke root's privileges for the parts that
 really require it.
 .It Ev SUPDISTFILES*
-Supplementary files that need to be retrieved under some specific
-circumstances.
-For instance, a port might need architecture-specific files.
+Supplementary distribution files for mirroring and creating checksums with
+.Cm makesum .
+For instance, a port might need architecture-specific files, or have
+some flavor that requires more code.
 .Ev SUPDISTFILES*
-should hold a list of all distribution files and patchfiles that are not
-always needed, so that a mirror will be able to grab all files, or that
-.Cm makesum
-will work.
+should hold a list of all those distribution files and patchfiles
+that are not always needed.
 Having an overlap between
 .Ev SUPDISTFILES*
 and
@@ -3396,7 +3415,9 @@ Set to the list of special targets for a port
 .Cm {pre,do,post}-*
 and module hooks
 .Pc .
-Used by introspection tools such as the sqlports package.
+Used by introspection tools such as the
+.Pa sqlports
+package.
 .It Ev TEMPLATE_DISTFILES.<name>
 Template used to construct
 .Ev DISTFILES.name

share/man/man7/ports.7

@@ -23,10 +23,10 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ports.7,v 1.131 2023/02/19 14:37:54 sdk Exp $
+.\" $OpenBSD: ports.7,v 1.132 2023/09/07 17:19:19 espie Exp $
 .\" $FreeBSD: ports.7,v 1.7 1998/06/23 04:38:50 hoek Exp $
 .\"
-.Dd $Mdocdate: February 19 2023 $
+.Dd $Mdocdate: September 7 2023 $
 .Dt PORTS 7
 .Os
 .Sh NAME
@@ -242,7 +242,7 @@ or
 .It Cm fetch
 Fetch all of the files needed to build this port from the site(s)
 listed in
-.Ev MASTER_SITES .
+.Ev SITES .
 See
 .Ev FETCH_CMD .
 Use
@@ -563,7 +563,7 @@ Variable names starting with
 .Sq _
 are private to the ports infrastructure,
 should not be changed by the user, and are liable to change without notice.
-.Bl -tag -width MASTER_SITES
+.Bl -tag -width PORTS_PRIVSEP
 .It Ev PORTS_PRIVSEP
 If set to
 .Sq Yes ,
@@ -599,7 +599,7 @@ If set to empty, it will revert to a file under
 Where to install things in general
 (usually
 .Pa /usr/local ) .
-.It Ev MASTER_SITES
+.It Ev SITES
 Primary sites for distribution files if not found locally.
 .It Ev CLEANDEPENDS
 If set to

sys/dev/pci/if_mcx.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: if_mcx.c,v 1.108 2023/08/15 08:27:30 miod Exp $ */
+/*	$OpenBSD: if_mcx.c,v 1.109 2023/09/07 01:43:46 jsg Exp $ */
 
 /*
  * Copyright (c) 2017 David Gwynne <dlg@openbsd.org>
@@ -2657,6 +2657,7 @@ static const struct pci_matchid mcx_devices[] = {
 	{ PCI_VENDOR_MELLANOX,	PCI_PRODUCT_MELLANOX_MT28800VF },
 	{ PCI_VENDOR_MELLANOX,	PCI_PRODUCT_MELLANOX_MT28908 },
 	{ PCI_VENDOR_MELLANOX,	PCI_PRODUCT_MELLANOX_MT2892 },
+	{ PCI_VENDOR_MELLANOX,	PCI_PRODUCT_MELLANOX_MT2894 },
 };
 
 struct mcx_eth_proto_capability {

sys/dev/pci/pcidevs

@@ -1,4 +1,4 @@
-$OpenBSD: pcidevs,v 1.2048 2023/09/06 23:47:14 jsg Exp $
+$OpenBSD: pcidevs,v 1.2050 2023/09/07 02:11:26 daniel Exp $
 /*	$NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $	*/
 
 /*
@@ -7319,6 +7319,7 @@ product MELLANOX MT28800VF	0x101a	ConnectX-5 Ex VF
 product MELLANOX MT28908	0x101b	ConnectX-6
 product MELLANOX MT28908VF	0x101c	ConnectX-6 VF
 product MELLANOX MT2892		0x101d	ConnectX-6 Dx
+product MELLANOX MT2894		0x101f	ConnectX-6 Lx
 product MELLANOX CONNECTX_EN	0x6368	ConnectX EN
 
 /* Mentor */
@@ -8540,6 +8541,7 @@ product REALTEK RTL8192E	0x8192	RTL8192E
 product REALTEK RTL8187SE	0x8199	8187SE
 product REALTEK RTL8723AE	0x8723	8723AE
 product REALTEK RTL8821AE	0x8821	8821AE
+product REALTEK RTL8852AE	0x8852	8852AE
 product REALTEK RTL8723BE	0xb723	8723BE
 product REALTEK RTL8822BE	0xb822	8822BE
 product REALTEK RTL8821CE	0xc821	8821CE

sys/dev/pci/pcidevs.h

@@ -2,7 +2,7 @@
  * THIS FILE AUTOMATICALLY GENERATED.  DO NOT EDIT.
  *
  * generated from:
- *	OpenBSD: pcidevs,v 1.2048 2023/09/06 23:47:14 jsg Exp 
+ *	OpenBSD: pcidevs,v 1.2049 2023/09/07 01:41:09 jsg Exp 
  */
 /*	$NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $	*/
 
@@ -7324,6 +7324,7 @@
 #define	PCI_PRODUCT_MELLANOX_MT28908	0x101b		/* ConnectX-6 */
 #define	PCI_PRODUCT_MELLANOX_MT28908VF	0x101c		/* ConnectX-6 VF */
 #define	PCI_PRODUCT_MELLANOX_MT2892	0x101d		/* ConnectX-6 Dx */
+#define	PCI_PRODUCT_MELLANOX_MT2894	0x101f		/* ConnectX-6 Lx */
 #define	PCI_PRODUCT_MELLANOX_CONNECTX_EN	0x6368		/* ConnectX EN */
 
 /* Mentor */
@@ -8545,6 +8546,7 @@
 #define	PCI_PRODUCT_REALTEK_RTL8187SE	0x8199		/* 8187SE */
 #define	PCI_PRODUCT_REALTEK_RTL8723AE	0x8723		/* 8723AE */
 #define	PCI_PRODUCT_REALTEK_RTL8821AE	0x8821		/* 8821AE */
+#define	PCI_PRODUCT_REALTEK_RTL8852AE	0x8852		/* 8852AE */
 #define	PCI_PRODUCT_REALTEK_RTL8723BE	0xb723		/* 8723BE */
 #define	PCI_PRODUCT_REALTEK_RTL8822BE	0xb822		/* 8822BE */
 #define	PCI_PRODUCT_REALTEK_RTL8821CE	0xc821		/* 8821CE */

sys/dev/pci/pcidevs_data.h

@@ -2,7 +2,7 @@
  * THIS FILE AUTOMATICALLY GENERATED.  DO NOT EDIT.
  *
  * generated from:
- *	OpenBSD: pcidevs,v 1.2048 2023/09/06 23:47:14 jsg Exp 
+ *	OpenBSD: pcidevs,v 1.2049 2023/09/07 01:41:09 jsg Exp 
  */
 
 /*	$NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $	*/
@@ -26403,6 +26403,10 @@ static const struct pci_known_product pci_known_products[] = {
 	    PCI_VENDOR_MELLANOX, PCI_PRODUCT_MELLANOX_MT2892,
 	    "ConnectX-6 Dx",
 	},
+	{
+	    PCI_VENDOR_MELLANOX, PCI_PRODUCT_MELLANOX_MT2894,
+	    "ConnectX-6 Lx",
+	},
 	{
 	    PCI_VENDOR_MELLANOX, PCI_PRODUCT_MELLANOX_CONNECTX_EN,
 	    "ConnectX EN",
@@ -30743,6 +30747,10 @@ static const struct pci_known_product pci_known_products[] = {
 	    PCI_VENDOR_REALTEK, PCI_PRODUCT_REALTEK_RTL8821AE,
 	    "8821AE",
 	},
+	{
+	    PCI_VENDOR_REALTEK, PCI_PRODUCT_REALTEK_RTL8852AE,
+	    "8852AE",
+	},
 	{
 	    PCI_VENDOR_REALTEK, PCI_PRODUCT_REALTEK_RTL8723BE,
 	    "8723BE",

sys/net/pf.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf.c,v 1.1184 2023/07/31 11:13:09 dlg Exp $ */
+/*	$OpenBSD: pf.c,v 1.1185 2023/09/07 09:59:43 sashan Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -4148,6 +4148,10 @@ enter_ruleset:
 			    (r->rule_flag & PFRULE_STATESLOPPY) == 0 &&
 			    ctx->icmp_dir != PF_IN),
 				TAILQ_NEXT(r, entries));
+			/* icmp packet must match existing state */
+			PF_TEST_ATTRIB(r->keep_state && ctx->state_icmp &&
+			    (r->rule_flag & PFRULE_STATESLOPPY) == 0,
+				TAILQ_NEXT(r, entries));
 			break;
 
 		case IPPROTO_ICMPV6:
@@ -4165,6 +4169,10 @@ enter_ruleset:
 			    ctx->icmp_dir != PF_IN &&
 			    ctx->icmptype != ND_NEIGHBOR_ADVERT),
 				TAILQ_NEXT(r, entries));
+			/* icmp packet must match existing state */
+			PF_TEST_ATTRIB(r->keep_state && ctx->state_icmp &&
+			    (r->rule_flag & PFRULE_STATESLOPPY) == 0,
+				TAILQ_NEXT(r, entries));
 			break;
 
 		default:

usr.bin/tmux/tty-keys.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: tty-keys.c,v 1.168 2023/09/02 20:03:10 nicm Exp $ */
+/* $OpenBSD: tty-keys.c,v 1.170 2023/09/07 10:21:46 nicm Exp $ */
 
 /*
  * Copyright (c) 2007 Nicholas Marriott <nicholas.marriott@gmail.com>
@@ -1314,11 +1314,16 @@ tty_keys_device_attributes(struct tty *tty, const char *buf, size_t len,
 			break;
 	}
 
-	/* Add terminal features. */
+	/*
+	 * Add terminal features. Technically, VT420 and VT525 do not support
+	 * SIXEL, but some modern terminals report it anyway so we accept it
+	 * here too.
+	 */
 	switch (p[0]) {
 	case 62: /* VT220 */
 	case 63: /* VT320 */
 	case 64: /* VT420 */
+	case 65: /* VT525 */
 		for (i = 1; i < n; i++) {
 			log_debug("%s: DA feature: %d", c->name, p[i]);
 			if (p[i] == 4)
@@ -1391,6 +1396,9 @@ tty_keys_device_attributes2(struct tty *tty, const char *buf, size_t len,
 	/* Add terminal features. */
 	switch (p[0]) {
 	case 41: /* VT420 */
+	case 61: /* VT510 */
+	case 64: /* VT520 */
+	case 65: /* VT525 */
 		tty_add_features(features, "margins,rectfill", ",");
 		break;
 	case 'M': /* mintty */

usr.bin/vi/vi/v_paragraph.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: v_paragraph.c,v 1.9 2017/04/18 01:45:35 deraadt Exp $	*/
+/*	$OpenBSD: v_paragraph.c,v 1.10 2023/09/07 11:17:32 tobhe Exp $	*/
 
 /*-
  * Copyright (c) 1992, 1993, 1994
@@ -41,15 +41,20 @@
 	if (p[0] == '\014') {						\
 		if (!--cnt)						\
 			goto found;					\
+		if (pstate == P_INTEXT && !--cnt)			\
+			goto found;					\
 		continue;						\
 	}								\
 	if (p[0] != '.' || len < 2)					\
 		continue;						\
 	for (lp = VIP(sp)->ps; *lp != '\0'; lp += 2)			\
 		if (lp[0] == p[1] &&					\
-		    ((lp[1] == ' ' && len == 2) || lp[1] == p[2]) &&	\
-		    !--cnt)						\
+		    (lp[1] == ' ' && len == 2 || lp[1] == p[2])) {	\
+			if (!--cnt)					\
 				goto found;				\
+			if (pstate == P_INTEXT && !--cnt)		\
+				goto found;				\
+		}							\
 }
 
 /*