SecBSD/src
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sync with OpenBSD -current

Browse Source
This commit is contained in:
purplerain 2024-08-23 05:18:42 +00:00
parent f7a17acf06
commit 5855eb553f
Signed by: purplerain
GPG Key ID: F42C07F07E2E35B7
75 changed files with 286 additions and 284 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
games/atc/games/Atlantis
View File

@ -1,3 +1,5 @@
# $OpenBSD: Atlantis,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 5;
newplane = 5;
width = 30;

1
games/atc/games/Game_List
View File

@ -1,3 +1,4 @@
# $OpenBSD: Game_List,v 1.2 2024/08/23 04:26:11 deraadt Exp $
default
easy
crossover

2
games/atc/games/Killer
View File

@ -1,3 +1,5 @@
# $OpenBSD: Killer,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 1;
newplane = 4;
width = 30;

7
games/atc/games/OHare
View File

@ -1,3 +1,5 @@
# $OpenBSD: OHare,v 1.3 2024/08/23 04:21:18 deraadt Exp $
update = 5;
newplane = 5;
width = 30;
@ -7,6 +9,11 @@ exit: ( 6 0 x ) ( 18 0 x )
( 29 5 a ) ( 29 13 a )
( 14 20 e ) ( 6 20 w ) ;
#
# Note: Some marker beacons at ORD were decommissioned after this file was
# written. Pilots are advised to not use the beacon information here for
# flight planning.
#
beacon: ( 6 5 ) ( 18 5 )
( 6 13 ) ;

2
games/atc/games/Tic-Tac-Toe
View File

@ -1,3 +1,5 @@
# $OpenBSD: Tic-Tac-Toe,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 5;
newplane = 5;
width = 30;

2
games/atc/games/airports
View File

@ -1,3 +1,5 @@
# $OpenBSD: airports,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 6;
newplane = 6;
width = 30;

3
games/atc/games/box
View File

@ -1,4 +1,5 @@
update = 5;
# $OpenBSD: box,v 1.2 2024/08/23 04:21:18 deraadt Exp $
newplane = 6;
width = 29;
height = 21;

2
games/atc/games/crosshatch
View File

@ -1,3 +1,5 @@
# $OpenBSD: crosshatch,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 5;
newplane = 5;
width = 30;

2
games/atc/games/crossover
View File

@ -1,3 +1,5 @@
# $OpenBSD: crossover,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 5;
newplane = 5;
width = 29;

2
games/atc/games/default
View File

@ -1,3 +1,5 @@
# $OpenBSD: default,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 5;
newplane = 10;
width = 30;

2
games/atc/games/easy
View File

@ -1,3 +1,5 @@
# $OpenBSD: easy,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 7;
newplane = 12;
width = 15;

2
games/atc/games/game_2
View File

@ -1,3 +1,5 @@
# $OpenBSD: game_2,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 5;
newplane = 8;
width = 30;

2
games/atc/games/game_3
View File

@ -1,3 +1,5 @@
# $OpenBSD: game_3,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 5;
newplane = 5;
width = 30;

2
games/atc/games/game_4
View File

@ -1,3 +1,5 @@
# $OpenBSD: game_4,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 5;
newplane = 5;
width = 30;

2
games/atc/games/novice
View File

@ -1,3 +1,5 @@
# $OpenBSD: novice,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 6;
newplane = 6;
width = 30;

2
games/atc/games/two-corners
View File

@ -1,3 +1,5 @@
# $OpenBSD: two-corners,v 1.2 2024/08/23 04:21:18 deraadt Exp $
update = 5;
newplane = 5;
width = 30;

16
games/atc/main.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: main.c,v 1.31 2021/10/23 11:22:48 mestre Exp $ */
/* $OpenBSD: main.c,v 1.32 2024/08/23 04:25:46 deraadt Exp $ */
/* $NetBSD: main.c,v 1.4 1995/04/27 21:22:25 mycroft Exp $ */
/*-
@ -227,11 +227,13 @@ default_game(void)
warn("fopen %s", games);
return (NULL);
}
if (fgets(line, sizeof(line), fp) == NULL) {
warnx("%s: no default game available", games);
fclose(fp);
return (NULL);
}
do {
if (fgets(line, sizeof(line), fp) == NULL) {
warnx("%s: no default game available", games);
fclose(fp);
return (NULL);
}
} while (line[0] == '#');
fclose(fp);
line[strcspn(line, "\n")] = '\0';
@ -261,6 +263,8 @@ okay_game(const char *s)
}
while (fgets(line, sizeof(line), fp) != NULL) {
line[strcspn(line, "\n")] = '\0';
if (line[0] == '#')
continue;
if (strcmp(s, line) == 0) {
if (strlen(line) + strlen(_PATH_GAMES) >= sizeof(file)) {
warnx("game name too long");

9
games/fortune/datfiles/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.7 2016/09/02 11:55:24 tb Exp $
# $OpenBSD: Makefile,v 1.8 2024/08/23 03:25:32 deraadt Exp $
# $NetBSD: Makefile,v 1.15 1996/02/29 00:21:16 jtc Exp $
# @(#)Makefile 8.2 (Berkeley) 4/19/94
@ -6,17 +6,10 @@ SRCS= fortunes fortunes2 startrek zippy recipes
BLDS= fortunes.dat fortunes2.dat startrek.dat zippy.dat \
fortunes-o fortunes-o.dat recipes.dat
# TO INSTALL THE POTENTIALLY OFFENSIVE FORTUNES, UNCOMMENT THE THREE
# LINES AND COMMENT OUT THE FOURTH LINE.
# THE THREE LINES
SRCS+= fortunes2-o limerick
BLDS+= fortunes2-o.dat limerick.dat
TYPE= real
# THE FOURTH LINE
#TYPE= fake
CLEANFILES+=${BLDS}
STRFILE!=cd $(.CURDIR)/../strfile; \

2
games/fortune/datfiles/fortunes-o.fake
View File

@ -1,2 +0,0 @@
There are no potentially offensive fortunes installed on this
system. For further details, contact your system administrator.

4
games/quiz/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.7 2024/08/22 04:34:19 mglocker Exp $
# $OpenBSD: Makefile,v 1.8 2024/08/23 02:46:09 deraadt Exp $
PROG= quiz
MAN= quiz.6
@ -12,7 +12,7 @@ NAPHONE= ${.CURDIR}/../../share/misc/na.phone
CLEANFILES+= areas
areas: ${NAPHONE}
${.CURDIR}/naphone2areas.sh ${NAPHONE} > areas
sh ${.CURDIR}/naphone2areas.sh ${NAPHONE} > areas
afterinstall: areas
(cd ${.CURDIR}/datfiles; ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} \

2
games/quiz/datfiles/ed
View File

@ -15,7 +15,7 @@ print every "Oxygen" or "oxygen":[g|1,$g]/\[[Oo|oO]\]xygen/[p|.p]
change each "BTL" in file to "Bell Laboratories" and check:\
[g|1,$g]/BTL/[s|.s]/[/|BTL/]Bell Laboratories/gp
combine every even-numbered line with the next odd-numbered line:\
2,${-{1}}g/[^|$]/[j|.,{.}+{1}j|.,.1j]
2,${-{1}}g/[^|$]/[j|.,{.}+{1}j|.,+1j]
print next "SH" and following line:\
/SH/;[{.}+{1}|.1]p|/SH/,[//|/SH/][{.}+{1}|.1]p
print from next "TS" to following "TE":/TS/;/TE/p

4
games/quiz/datfiles/seq-easy
View File

@ -1,6 +1,6 @@
1,2,3,4,5,6:7{(integers)}:integers|[natural|counting] numbers
1,2,3,5,8,13:21{(Fibonacci)}:Fibonacci{ seq{ence}| numbers}
0,1,1,2,4,7,13:24{(Tribonacci)}:Tribonacci{ seq{ence}| numbers}
1,2,3,5,8,13:21{(Fibonacci)}:Fibonacci{ seq{uence}| numbers}
0,1,1,2,4,7,13:24{(Tribonacci)}:Tribonacci{ seq{uence}| numbers}
1,2,4,8,16,32:64{(powers of 2)}:powers of 2|2[**|^]n
1,2,6,24,120,720:5040{(factorials)}:factorials|n!
1,3,5,7,9,11:13{(odd nos.)}:odd [integ|numb]ers

4
games/trek/USD.doc/spell.ok
View File

@ -13,9 +13,9 @@ Stardate
Starsystem
TO:02:06:12
Torpedoes
Trek''USD:34
Trek''USD:31
U.S.S
USD:34
USD:31
XII
amt1
anual

3
gnu/llvm/lldb/source/Plugins/Process/OpenBSDKernel/ProcessOpenBSDKernel.h
View File

@ -43,6 +43,9 @@ public:
lldb_private::DynamicLoader *GetDynamicLoader() override;
// Process Queries
bool WarnBeforeDetach() const override { return false; }
protected:
bool DoUpdateThreadList(lldb_private::ThreadList &old_thread_list,
lldb_private::ThreadList &new_thread_list) override;

3
lib/libcrypto/evp/evp_local.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: evp_local.h,v 1.22 2024/04/12 09:41:39 tb Exp $ */
/* $OpenBSD: evp_local.h,v 1.23 2024/08/22 12:24:24 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
@ -175,7 +175,6 @@ struct evp_pkey_st {
#endif
} pkey;
int save_parameters;
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
} /* EVP_PKEY */;
struct evp_md_st {

41
lib/libcrypto/evp/evp_pkey.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: evp_pkey.c,v 1.30 2024/07/14 16:06:31 tb Exp $ */
/* $OpenBSD: evp_pkey.c,v 1.31 2024/08/22 12:21:07 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
@ -142,49 +142,18 @@ error:
LCRYPTO_ALIAS(EVP_PKEY2PKCS8);
/*
* XXX - This is only used by openssl(1) pkcs12 for the Microsoft-specific
* NID_ms_csp_name and NID_LocalKeySet. This turns out to be the only reason
* why attributes hangs off the EVP_PKEY struct.
* XXX - delete all the garbage below in the next bump.
*/
int
EVP_PKEY_add1_attr_by_NID(EVP_PKEY *pkey, int nid, int type,
const unsigned char *bytes, int len)
{
STACK_OF(X509_ATTRIBUTE) *attrs = NULL;
X509_ATTRIBUTE *attr = NULL;
int ret = 0;
if ((attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type,
bytes, len)) == NULL)
goto err;
if ((attrs = pkey->attributes) == NULL)
attrs = sk_X509_ATTRIBUTE_new_null();
if (attrs == NULL)
goto err;
if (sk_X509_ATTRIBUTE_push(attrs, attr) <= 0)
goto err;
attr = NULL;
pkey->attributes = attrs;
attrs = NULL;
ret = 1;
err:
X509_ATTRIBUTE_free(attr);
if (attrs != pkey->attributes)
sk_X509_ATTRIBUTE_pop_free(attrs, X509_ATTRIBUTE_free);
return ret;
EVPerror(ERR_R_DISABLED);
return 0;
}
LCRYPTO_ALIAS(EVP_PKEY_add1_attr_by_NID);
/*
* XXX - delete all the garbage below in the next bump.
*/
int
EVP_PKEY_get_attr_count(const EVP_PKEY *key)
{

3
lib/libcrypto/evp/p_lib.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: p_lib.c,v 1.60 2024/04/09 13:52:41 beck Exp $ */
/* $OpenBSD: p_lib.c,v 1.61 2024/08/22 12:24:24 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -422,7 +422,6 @@ EVP_PKEY_free(EVP_PKEY *pkey)
return;
evp_pkey_free_pkey_ptr(pkey);
sk_X509_ATTRIBUTE_pop_free(pkey->attributes, X509_ATTRIBUTE_free);
freezero(pkey, sizeof(*pkey));
}
LCRYPTO_ALIAS(EVP_PKEY_free);

5
lib/libcrypto/man/PKCS12_create.3
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: PKCS12_create.3,v 1.12 2022/03/31 17:27:17 naddy Exp $
.\" $OpenBSD: PKCS12_create.3,v 1.13 2024/08/22 12:26:01 tb Exp $
.\" full merge up to: OpenSSL 05ea606a May 20 20:52:46 2016 -0400
.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
.\"
@ -49,7 +49,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: March 31 2022 $
.Dd $Mdocdate: August 22 2024 $
.Dt PKCS12_CREATE 3
.Os
.Sh NAME
@ -165,7 +165,6 @@ if an error occurred.
.Sh SEE ALSO
.Xr crypto 3 ,
.Xr d2i_PKCS12 3 ,
.Xr EVP_PKEY_add1_attr 3 ,
.Xr PKCS12_new 3 ,
.Xr PKCS12_newpass 3 ,
.Xr PKCS12_parse 3 ,

34
lib/libcrypto/pkcs12/p12_crt.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: p12_crt.c,v 1.25 2024/07/15 15:43:25 tb Exp $ */
/* $OpenBSD: p12_crt.c,v 1.26 2024/08/22 12:22:42 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
@ -69,33 +69,6 @@
static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags,
PKCS12_SAFEBAG *bag);
static int
copy_bag_attr(PKCS12_SAFEBAG *bag, EVP_PKEY *pkey, int nid)
{
X509_ATTRIBUTE *attr = NULL;
const ASN1_OBJECT *obj;
int i;
if ((obj = OBJ_nid2obj(nid)) == NULL) {
/* XXX - this seems wrong but preserves behavior. */
return 1;
}
for (i = 0; i < sk_X509_ATTRIBUTE_num(pkey->attributes); i++) {
attr = sk_X509_ATTRIBUTE_value(pkey->attributes, i);
if (OBJ_cmp(attr->object, obj) == 0)
break;
attr = NULL;
}
if (attr == NULL)
return 1;
if (!X509at_add1_attr(&bag->attrib, attr))
return 0;
return 1;
}
PKCS12 *
PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 *cert,
STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter,
@ -158,11 +131,6 @@ PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 *cert,
if (!bag)
goto err;
if (!copy_bag_attr(bag, pkey, NID_ms_csp_name))
goto err;
if (!copy_bag_attr(bag, pkey, NID_LocalKeySet))
goto err;
if (name && !PKCS12_add_friendlyname(bag, name, -1))
goto err;
if (keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))

4
regress/sys/kern/execve/doexec.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: doexec.c,v 1.5 2003/09/02 23:52:17 david Exp $ */
/* $OpenBSD: doexec.c,v 1.6 2024/08/23 02:49:20 deraadt Exp $ */
/* $NetBSD: doexec.c,v 1.3 1995/04/20 22:43:13 cgd Exp $ */
/*
@ -46,7 +46,7 @@ main(int argc, char *argv[])
}
if (execve(argv[1], &argv[1], NULL) == -1) {
printf("%s\n", strerror(errno));
printf("errno=%d\t%s\n", errno, strerror(errno));
exit(1);
}

2
regress/sys/kern/execve/good/badinterplen
View File

@ -1 +1 @@
Exec format error
errno=8 Exec format error

2
regress/sys/kern/execve/good/devnullscript
View File

@ -1 +1 @@
Permission denied
errno=13 Permission denied

2
regress/sys/kern/execve/good/empty
View File

@ -1 +1 @@
Exec format error
errno=8 Exec format error

2
regress/sys/kern/execve/good/goodaout
View File

@ -1 +1 @@
succeeded
errno=0 succeeded

2
regress/sys/kern/execve/good/goodscript
View File

@ -1 +1 @@
succeeded
errno=0 succeeded

2
regress/sys/kern/execve/good/nonexistent
View File

@ -1 +1 @@
No such file or directory
errno=2 No such file or directory

2
regress/sys/kern/execve/good/nonexistshell
View File

@ -1 +1 @@
No such file or directory
errno=2 No such file or directory

4
regress/sys/kern/execve/good/scriptarg
View File

@ -1,2 +1,2 @@
+ echo succeeded
succeeded
+ echo errno=0 succeeded
errno=0 succeeded

4
regress/sys/kern/execve/good/scriptarg-nospace
View File

@ -1,2 +1,2 @@
+ echo succeeded
succeeded
+ echo errno=0 succeeded
errno=0 succeeded

2
regress/sys/kern/execve/good/truncaout
View File

@ -1 +1 @@
Exec format error
errno=8 Exec format error

4
regress/sys/kern/execve/tests/goodaout.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: goodaout.c,v 1.5 2017/02/16 20:59:20 patrick Exp $ */
/* $OpenBSD: goodaout.c,v 1.6 2024/08/23 02:49:20 deraadt Exp $ */
/* $NetBSD: goodaout.c,v 1.3 1995/04/20 22:44:20 cgd Exp $ */
/*
@ -38,6 +38,6 @@
int
main(int argc, char *argv[])
{
printf("succeeded\n");
printf("errno=0 succeeded\n");
exit(0);
}

4
regress/sys/kern/execve/tests/goodscript.in
View File

@ -1,5 +1,5 @@
#! /bin/csh
# $OpenBSD: goodscript.in,v 1.2 2001/01/29 02:05:56 niklas Exp $
# $OpenBSD: goodscript.in,v 1.3 2024/08/23 02:49:20 deraadt Exp $
echo succeeded
echo 'errno=0 succeeded'

4
regress/sys/kern/execve/tests/scriptarg-nospace.in
View File

@ -1,5 +1,5 @@
#!/bin/sh -x
# $OpenBSD: scriptarg-nospace.in,v 1.2 2001/01/29 02:05:56 niklas Exp $
# $OpenBSD: scriptarg-nospace.in,v 1.3 2024/08/23 02:49:20 deraadt Exp $
echo succeeded
echo 'errno=0 succeeded'

4
regress/sys/kern/execve/tests/scriptarg.in
View File

@ -1,5 +1,5 @@
#! /bin/sh -x
# $OpenBSD: scriptarg.in,v 1.2 2001/01/29 02:05:57 niklas Exp $
# $OpenBSD: scriptarg.in,v 1.3 2024/08/23 02:49:20 deraadt Exp $
echo succeeded
echo 'errno=0 succeeded'

27
regress/usr.bin/ssh/rekey.sh
View File

@ -1,4 +1,4 @@
# $OpenBSD: rekey.sh,v 1.28 2024/08/21 10:33:27 dtucker Exp $
# $OpenBSD: rekey.sh,v 1.29 2024/08/22 10:21:02 dtucker Exp $
# Placed in the Public Domain.
tid="rekey"
@ -28,6 +28,11 @@ ssh_data_rekeying()
echo "$_kexopt" >> $OBJ/sshd_proxy
_opts="$_opts -o$_kexopt"
fi
case "$_kexopt" in
MACs=*)
# default chacha20-poly1305 cipher has implicit MAC
_opts="$_opts -oCiphers=aes128-ctr" ;;
esac
trace bytes $_bytes kex $_kexopt opts $_opts
rm -f ${COPY} ${COPY2} ${LOG}
# Create data file just big enough to reach rekey threshold.
@ -40,16 +45,22 @@ ssh_data_rekeying()
cmp ${COPY} ${COPY2} || fail "corrupted copy ($@)"
n=`grep 'NEWKEYS sent' ${LOG} | wc -l`
n=`expr $n - 1`
_want=`echo $_kexopt | cut -f2 -d=`
_got=""
case "$_kexopt" in
KexAlgorithms*)
_want=`echo $_kexopt | cut -f2 -d=`
KexAlgorithms=*)
_got=`awk '/kex: algorithm: /{print $4}' ${LOG} | \
tr -d '\r' | sort -u`
if [ "$_want" != "$_got" ]; then
fail "expected kex $_want, got $_got"
fi
;;
tr -d '\r' | sort -u` ;;
Ciphers=*)
_got=`awk '/kex: client->server cipher:/{print $5}' ${LOG} | \
tr -d '\r' | sort -u` ;;
MACs=*)
_got=`awk '/kex: client->server cipher:/{print $7}' ${LOG} | \
tr -d '\r' | sort -u` ;;
esac
if [ "$_want" != "$_got" ]; then
fail "unexpected algorithm, want $_want, got $_got"
fi
trace "$n rekeying(s)"
if [ $n -lt 1 ]; then
fail "no rekeying occurred ($@)"

10
sys/arch/amd64/amd64/bus_dma.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: bus_dma.c,v 1.56 2024/08/20 15:30:29 bluhm Exp $ */
/* $OpenBSD: bus_dma.c,v 1.57 2024/08/22 11:36:24 bluhm Exp $ */
/* $NetBSD: bus_dma.c,v 1.3 2003/05/07 21:33:58 fvdl Exp $ */
/*-
@ -499,7 +499,7 @@ _bus_dmamap_sync(bus_dma_tag_t t, bus_dmamap_t map, bus_addr_t addr,
if (!use_bounce_buffer)
return;
for (i = map->_dm_segcnt, sg = map->dm_segs; size && i--; sg++) {
for (i = map->_dm_segcnt, sg = map->dm_segs; size && i; i--, sg++) {
if (off >= sg->ds_len) {
off -= sg->ds_len;
continue;
@ -767,9 +767,11 @@ _bus_dmamap_load_buffer(bus_dma_tag_t t, bus_dmamap_t map, void *buf,
map->_dm_maxsegsz &&
(map->_dm_boundary == 0 ||
(map->dm_segs[seg].ds_addr & bmask) ==
(curaddr & bmask)))
(curaddr & bmask)) &&
(!use_bounce_buffer || (map->dm_segs[seg]._ds_va +
map->dm_segs[seg].ds_len) == vaddr)) {
map->dm_segs[seg].ds_len += sgsize;
else {
} else {
if (++seg >= map->_dm_segcnt)
break;
map->dm_segs[seg].ds_addr = curaddr;

7
sys/dev/dt/dt_dev.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: dt_dev.c,v 1.35 2024/08/21 09:27:37 mpi Exp $ */
/* $OpenBSD: dt_dev.c,v 1.36 2024/08/22 10:08:25 mvs Exp $ */
/*
* Copyright (c) 2019 Martin Pieuchot <mpi@openbsd.org>
@ -88,6 +88,7 @@
* to keep track of enabled PCBs.
*
* Locks used to protect struct members in this file:
* a atomic
* m per-softc mutex
* K kernel lock
*/
@ -119,7 +120,7 @@ SIMPLEQ_HEAD(, dt_probe) dt_probe_list; /* [I] list of probes */
struct rwlock dt_lock = RWLOCK_INITIALIZER("dtlk");
volatile uint32_t dt_tracing = 0; /* [K] # of processes tracing */
int allowdt;
int allowdt; /* [a] */
void dtattach(struct device *, struct device *, void *);
int dtopen(dev_t, int, int, struct proc *);
@ -162,7 +163,7 @@ dtopen(dev_t dev, int flags, int mode, struct proc *p)
struct dt_softc *sc;
int unit = minor(dev);
if (!allowdt)
if (atomic_load_int(&allowdt) == 0)
return EPERM;
sc = malloc(sizeof(*sc), M_DEVBUF, M_WAITOK|M_CANFAIL|M_ZERO);

68
sys/kern/kern_sysctl.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: kern_sysctl.c,v 1.442 2024/08/20 13:29:25 mvs Exp $ */
/* $OpenBSD: kern_sysctl.c,v 1.444 2024/08/23 01:31:04 mvs Exp $ */
/* $NetBSD: kern_sysctl.c,v 1.17 1996/05/20 17:49:05 mrg Exp $ */
/*-
@ -134,6 +134,7 @@ extern int autoconf_serial;
int allowkmem;
int sysctl_securelevel(void *, size_t *, void *, size_t, struct proc *);
int sysctl_diskinit(int, struct proc *);
int sysctl_proc_args(int *, u_int, void *, size_t *, struct proc *);
int sysctl_proc_cwd(int *, u_int, void *, size_t *, struct proc *);
@ -486,7 +487,7 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
switch (name[0]) {
#if NAUDIO > 0
case KERN_AUDIO:
return (sysctl_audio(name, namelen, oldp, oldlenp,
return (sysctl_audio(name + 1, namelen - 1, oldp, oldlenp,
newp, newlen));
#endif
default:
@ -513,6 +514,11 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
return (sysctl_rdstring(oldp, oldlenp, newp, version));
case KERN_NUMVNODES: /* XXX numvnodes is a long */
return (sysctl_rdint(oldp, oldlenp, newp, numvnodes));
#if NDT > 0
case KERN_ALLOWDT:
return (sysctl_securelevel_int(oldp, oldlenp, newp, newlen,
&allowdt));
#endif
case KERN_HOSTID:
return (sysctl_int(oldp, oldlenp, newp, newlen, &hostid));
case KERN_CLOCKRATE:
@ -596,26 +602,13 @@ int
kern_sysctl_locked(int *name, u_int namelen, void *oldp, size_t *oldlenp,
void *newp, size_t newlen, struct proc *p)
{
int error, level, stackgap;
int error, stackgap;
dev_t dev;
extern int pool_debug;
switch (name[0]) {
case KERN_SECURELVL:
level = securelevel;
if ((error = sysctl_int(oldp, oldlenp, newp, newlen, &level)) ||
newp == NULL)
return (error);
if ((securelevel > 0 || level < -1) &&
level < securelevel && p->p_p->ps_pid != 1)
return (EPERM);
securelevel = level;
return (0);
#if NDT > 0
case KERN_ALLOWDT:
return (sysctl_securelevel_int(oldp, oldlenp, newp, newlen,
&allowdt));
#endif
return (sysctl_securelevel(oldp, oldlenp, newp, newlen, p));
case KERN_ALLOWKMEM:
return (sysctl_securelevel_int(oldp, oldlenp, newp, newlen,
&allowkmem));
@ -1123,6 +1116,45 @@ sysctl_rdint(void *oldp, size_t *oldlenp, void *newp, int val)
return (error);
}
int
sysctl_securelevel(void *oldp, size_t *oldlenp, void *newp, size_t newlen,
struct proc *p)
{
int oldval, newval;
int error;
if (oldp && *oldlenp < sizeof(int))
return (ENOMEM);
if (newp && newlen != sizeof(int))
return (EINVAL);
*oldlenp = sizeof(int);
if (newp) {
if ((error = copyin(newp, &newval, sizeof(int))))
return (error);
do {
oldval = atomic_load_int(&securelevel);
if ((oldval > 0 || newval < -1) && newval < oldval &&
p->p_p->ps_pid != 1)
return (EPERM);
} while (atomic_cas_uint(&securelevel, oldval, newval) !=
oldval);
if (oldp) {
/* new value has been set although user gets error */
if ((error = copyout(&oldval, oldp, sizeof(int))))
return (error);
}
} else if (oldp) {
oldval = atomic_load_int(&securelevel);
if ((error = copyout(&oldval, oldp, sizeof(int))))
return (error);
}
return (0);
}
/*
* Selects between sysctl_rdint and sysctl_int according to securelevel.
*/
@ -1130,7 +1162,7 @@ int
sysctl_securelevel_int(void *oldp, size_t *oldlenp, void *newp, size_t newlen,
int *valp)
{
if (securelevel > 0)
if (atomic_load_int(&securelevel) > 0)
return (sysctl_rdint(oldp, oldlenp, newp, *valp));
return (sysctl_int(oldp, oldlenp, newp, newlen, valp));
}

4
sys/netinet/in_proto.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: in_proto.c,v 1.112 2024/08/21 12:53:36 mvs Exp $ */
/* $OpenBSD: in_proto.c,v 1.113 2024/08/22 10:58:31 mvs Exp $ */
/* $NetBSD: in_proto.c,v 1.14 1996/02/18 18:58:32 christos Exp $ */
/*
@ -230,7 +230,7 @@ const struct protosw inetsw[] = {
.pr_type = SOCK_RAW,
.pr_domain = &inetdomain,
.pr_protocol = IPPROTO_IPV4,
.pr_flags = PR_ATOMIC|PR_ADDR|PR_MPSOCKET,
.pr_flags = PR_ATOMIC|PR_ADDR|PR_MPSOCKET|PR_MPSYSCTL,
#if NGIF > 0
.pr_input = in_gif_input,
#else

27
sys/netinet/ip_ipip.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ip_ipip.c,v 1.104 2024/08/21 12:53:36 mvs Exp $ */
/* $OpenBSD: ip_ipip.c,v 1.105 2024/08/22 10:58:31 mvs Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
@ -72,6 +72,11 @@
#include <net/pfvar.h>
#endif
/*
* Locks used to protect data:
* a atomic
*/
#ifdef ENCDEBUG
#define DPRINTF(fmt, args...) \
do { \
@ -87,7 +92,7 @@
* We can control the acceptance of IP4 packets by altering the sysctl
* net.inet.ipip.allow value. Zero means drop them, all else is acceptance.
*/
int ipip_allow = 0;
int ipip_allow = 0; /* [a] */
struct cpumem *ipipcounters;
@ -104,9 +109,10 @@ int
ipip_input(struct mbuf **mp, int *offp, int nxt, int af)
{
struct ifnet *ifp;
int ipip_allow_local = atomic_load_int(&ipip_allow);
/* If we do not accept IP-in-IP explicitly, drop. */
if (!ipip_allow && ((*mp)->m_flags & (M_AUTH|M_CONF)) == 0) {
if (ipip_allow_local == 0 && ((*mp)->m_flags & (M_AUTH|M_CONF)) == 0) {
DPRINTF("dropped due to policy");
ipipstat_inc(ipips_pdrops);
m_freemp(mp);
@ -118,7 +124,7 @@ ipip_input(struct mbuf **mp, int *offp, int nxt, int af)
m_freemp(mp);
return IPPROTO_DONE;
}
nxt = ipip_input_if(mp, offp, nxt, af, ifp);
nxt = ipip_input_if(mp, offp, nxt, af, ipip_allow_local, ifp);
if_put(ifp);
return nxt;
@ -133,7 +139,7 @@ ipip_input(struct mbuf **mp, int *offp, int nxt, int af)
*/
int
ipip_input_if(struct mbuf **mp, int *offp, int proto, int oaf,
ipip_input_if(struct mbuf **mp, int *offp, int proto, int oaf, int allow,
struct ifnet *ifp)
{
struct mbuf *m = *mp;
@ -271,7 +277,7 @@ ipip_input_if(struct mbuf **mp, int *offp, int proto, int oaf,
}
/* Check for local address spoofing. */
if (!(ifp->if_flags & IFF_LOOPBACK) && ipip_allow != 2) {
if (!(ifp->if_flags & IFF_LOOPBACK) && allow != 2) {
struct sockaddr_storage ss;
struct rtentry *rt;
@ -584,19 +590,14 @@ int
ipip_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
size_t newlen)
{
int error;
/* All sysctl names at this level are terminal. */
if (namelen != 1)
return (ENOTDIR);
switch (name[0]) {
case IPIPCTL_ALLOW:
NET_LOCK();
error = sysctl_int_bounded(oldp, oldlenp, newp, newlen,
&ipip_allow, 0, 2);
NET_UNLOCK();
return (error);
return (sysctl_int_bounded(oldp, oldlenp, newp, newlen,
&ipip_allow, 0, 2));
case IPIPCTL_STATS:
return (ipip_sysctl_ipipstat(oldp, oldlenp, newp));
default:

4
sys/netinet/ip_ipip.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ip_ipip.h,v 1.13 2021/10/13 14:36:31 bluhm Exp $ */
/* $OpenBSD: ip_ipip.h,v 1.14 2024/08/22 10:58:31 mvs Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
@ -114,7 +114,7 @@ struct tdb;
void ipip_init(void);
int ipip_input(struct mbuf **, int *, int, int);
int ipip_input_if(struct mbuf **, int *, int, int, struct ifnet *);
int ipip_input_if(struct mbuf **, int *, int, int, int, struct ifnet *);
int ipip_output(struct mbuf **, struct tdb *);
int ipip_sysctl(int *, u_int, void *, size_t *, void *, size_t);

12
usr.bin/openssl/openssl.1
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: openssl.1,v 1.158 2024/08/12 15:34:58 job Exp $
.\" $OpenBSD: openssl.1,v 1.159 2024/08/22 12:15:07 tb Exp $
.\" ====================================================================
.\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
.\"
@ -110,7 +110,7 @@
.\" copied and put under another distribution licence
.\" [including the GNU Public Licence.]
.\"
.Dd $Mdocdate: August 12 2024 $
.Dd $Mdocdate: August 22 2024 $
.Dt OPENSSL 1
.Os
.Sh NAME
@ -3084,7 +3084,6 @@ It is recommended that des3 is used.
.Op Fl certpbe Ar alg
.Op Fl chain
.Op Fl clcerts
.Op Fl CSP Ar name
.Op Fl descert
.Op Fl export
.Op Fl in Ar file
@ -3093,7 +3092,6 @@ It is recommended that des3 is used.
.Op Fl keyex
.Op Fl keypbe Ar alg
.Op Fl keysig
.Op Fl LMK
.Op Fl macalg Ar alg
.Op Fl maciter
.Op Fl name Ar name
@ -3202,10 +3200,6 @@ For interoperability reasons it is advisable to only use PKCS#12 algorithms.
Include the entire certificate chain of the user certificate.
The standard CA store is used for this search.
If the search fails, it is considered a fatal error.
.It Fl CSP Ar name
Write
.Ar name
as a Microsoft CSP name.
.It Fl descert
Encrypt the certificate using triple DES; this may render the PKCS#12
file unreadable by some
@ -3237,8 +3231,6 @@ option marks the key for signing only.
Signing only keys can be used for S/MIME signing, authenticode
(ActiveX control signing)
and SSL client authentication.
.It Fl LMK
Add local machine keyset attribute to private key.
.It Fl macalg Ar alg
Specify the MAC digest algorithm.
The default is SHA1.

26
usr.bin/openssl/pkcs12.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: pkcs12.c,v 1.27 2024/02/28 17:04:38 tb Exp $ */
/* $OpenBSD: pkcs12.c,v 1.28 2024/08/22 12:14:33 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
@ -93,14 +93,12 @@ static int alg_print(BIO *x, const X509_ALGOR *alg);
static int set_pbe(BIO *err, int *ppbe, const char *str);
static struct {
int add_lmk;
char *CAfile;
STACK_OF(OPENSSL_STRING) *canames;
char *CApath;
int cert_pbe;
char *certfile;
int chain;
char *csp_name;
const EVP_CIPHER *enc;
int export_cert;
int key_pbe;
@ -321,13 +319,6 @@ static const struct option pkcs12_options[] = {
.opt.value = &cfg.options,
.value = CLCERTS,
},
{
.name = "CSP",
.argname = "name",
.desc = "Microsoft CSP name",
.type = OPTION_ARG,
.opt.arg = &cfg.csp_name,
},
{
.name = "descert",
.desc = "Encrypt PKCS#12 certificates with triple DES (default RC2-40)",
@ -383,12 +374,6 @@ static const struct option pkcs12_options[] = {
.opt.value = &cfg.keytype,
.value = KEY_SIG,
},
{
.name = "LMK",
.desc = "Add local machine keyset attribute to private key",
.type = OPTION_FLAG,
.opt.flag = &cfg.add_lmk,
},
{
.name = "macalg",
.argname = "alg",
@ -719,15 +704,6 @@ pkcs12_main(int argc, char **argv)
X509_alias_set1(sk_X509_value(certs, i), catmp, -1);
}
if (cfg.csp_name != NULL && key != NULL)
EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name,
MBSTRING_ASC,
(unsigned char *) cfg.csp_name, -1);
if (cfg.add_lmk && key != NULL)
EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL,
-1);
if (!cfg.noprompt &&
EVP_read_pw_string(pass, sizeof pass,
"Enter Export Password:", 1)) {

4
usr.bin/sndiod/dev.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: dev.c,v 1.117 2024/06/01 09:44:10 ratchov Exp $ */
/* $OpenBSD: dev.c,v 1.118 2024/08/23 01:19:33 jsg Exp $ */
/*
* Copyright (c) 2008-2012 Alexandre Ratchov <alex@caoua.org>
*
@ -2297,7 +2297,7 @@ ctlslot_visible(struct ctlslot *s, struct ctl *c)
if (strcmp(c->node0.name, "server") == 0 &&
strcmp(c->func, "device") == 0)
return 0;
/* FALLTHROUHG */
/* FALLTHROUGH */
case CTL_DEV_MASTER:
return (s->opt->dev == c->u.any.arg0);
case CTL_OPT_DEV:

4
usr.bin/ssh/kex-names.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: kex-names.c,v 1.1 2024/05/17 00:32:32 djm Exp $ */
/* $OpenBSD: kex-names.c,v 1.2 2024/08/22 23:11:30 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
@ -70,6 +70,8 @@ static const struct kexalg kexalgs[] = {
{ KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
{ KEX_SNTRUP761X25519_SHA512, KEX_KEM_SNTRUP761X25519_SHA512, 0,
SSH_DIGEST_SHA512 },
{ KEX_SNTRUP761X25519_SHA512_OLD, KEX_KEM_SNTRUP761X25519_SHA512, 0,
SSH_DIGEST_SHA512 },
{ NULL, 0, -1, -1},
};

5
usr.bin/ssh/kex.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: kex.h,v 1.123 2024/05/17 00:30:23 djm Exp $ */
/* $OpenBSD: kex.h,v 1.124 2024/08/22 23:11:30 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@ -55,7 +55,8 @@
#define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521"
#define KEX_CURVE25519_SHA256 "curve25519-sha256"
#define KEX_CURVE25519_SHA256_OLD "curve25519-sha256@libssh.org"
#define KEX_SNTRUP761X25519_SHA512 "sntrup761x25519-sha512@openssh.com"
#define KEX_SNTRUP761X25519_SHA512 "sntrup761x25519-sha512"
#define KEX_SNTRUP761X25519_SHA512_OLD "sntrup761x25519-sha512@openssh.com"
#define COMP_NONE 0
/* pre-auth compression (COMP_ZLIB) is only supported in the client */

3
usr.bin/ssh/myproposal.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: myproposal.h,v 1.71 2022/03/30 21:13:23 djm Exp $ */
/* $OpenBSD: myproposal.h,v 1.72 2024/08/22 23:11:30 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -25,6 +25,7 @@
*/
#define KEX_SERVER_KEX \
"sntrup761x25519-sha512," \
"sntrup761x25519-sha512@openssh.com," \
"curve25519-sha256," \
"curve25519-sha256@libssh.org," \

6
usr.bin/ssh/ssh_config.5
View File

@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: ssh_config.5,v 1.398 2024/07/14 10:19:23 jsg Exp $
.Dd $Mdocdate: July 14 2024 $
.\" $OpenBSD: ssh_config.5,v 1.399 2024/08/22 23:11:30 djm Exp $
.Dd $Mdocdate: August 22 2024 $
.Dt SSH_CONFIG 5
.Os
.Sh NAME
@ -1282,7 +1282,7 @@ default set.
.Pp
The default is:
.Bd -literal -offset indent
sntrup761x25519-sha512@openssh.com,
sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,
curve25519-sha256,curve25519-sha256@libssh.org,
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
diffie-hellman-group-exchange-sha256,

8
usr.bin/ssh/sshd_config.5
View File

@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: sshd_config.5,v 1.368 2024/07/26 15:24:49 naddy Exp $
.Dd $Mdocdate: July 26 2024 $
.\" $OpenBSD: sshd_config.5,v 1.369 2024/08/22 23:11:30 djm Exp $
.Dd $Mdocdate: August 22 2024 $
.Dt SSHD_CONFIG 5
.Os
.Sh NAME
@ -1051,12 +1051,14 @@ ecdh-sha2-nistp384
.It
ecdh-sha2-nistp521
.It
sntrup761x25519-sha512
.It
sntrup761x25519-sha512@openssh.com
.El
.Pp
The default is:
.Bd -literal -offset indent
sntrup761x25519-sha512@openssh.com,
sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,
curve25519-sha256,curve25519-sha256@libssh.org,
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
diffie-hellman-group-exchange-sha256,

3
usr.bin/tmux/key-string.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: key-string.c,v 1.73 2024/08/22 05:39:55 nicm Exp $ */
/* $OpenBSD: key-string.c,v 1.74 2024/08/22 09:05:51 nicm Exp $ */
/*
* Copyright (c) 2007 Nicholas Marriott <nicholas.marriott@gmail.com>
@ -277,7 +277,6 @@ key_string_lookup_string(const char *string)
}
free(udp);
return (uc);
}
/* Check for short Ctrl key. */

4
usr.bin/tmux/status.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: status.c,v 1.244 2024/08/21 05:03:13 nicm Exp $ */
/* $OpenBSD: status.c,v 1.245 2024/08/22 09:05:51 nicm Exp $ */
/*
* Copyright (c) 2007 Nicholas Marriott <nicholas.marriott@gmail.com>
@ -607,6 +607,8 @@ status_prompt_set(struct client *c, struct cmd_find_state *fs,
struct format_tree *ft;
char *tmp;
server_client_clear_overlay(c);
if (fs != NULL)
ft = format_create_from_state(NULL, c, fs);
else

10
usr.bin/tmux/tmux.1
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: tmux.1,v 1.950 2024/08/21 05:06:45 nicm Exp $
.\" $OpenBSD: tmux.1,v 1.951 2024/08/22 09:05:51 nicm Exp $
.\"
.\" Copyright (c) 2007 Nicholas Marriott <nicholas.marriott@gmail.com>
.\"
@ -14,7 +14,7 @@
.\" IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
.\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: August 21 2024 $
.Dd $Mdocdate: August 22 2024 $
.Dt TMUX 1
.Os
.Sh NAME
@ -4491,9 +4491,9 @@ Set the character used to fill areas of the terminal unused by a window.
.It Ic main-pane-height Ar height
.It Ic main-pane-width Ar width
Set the width or height of the main (left or top) pane in the
.Ic main-horizontal,
.Ic main-horizontal-mirrored,
.Ic main-vertical,
.Ic main-horizontal ,
.Ic main-horizontal-mirrored ,
.Ic main-vertical ,
or
.Ic main-vertical-mirrored
layouts.

4
usr.sbin/bgpctl/parser.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: parser.c,v 1.136 2024/08/21 09:17:05 florian Exp $ */
/* $OpenBSD: parser.c,v 1.137 2024/08/22 08:17:54 florian Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@ -1325,7 +1325,7 @@ parseextvalue(int type, char *s, uint32_t *v, uint32_t *flag)
*v = uval | (uvalh << 16);
break;
case EXT_COMMUNITY_TRANS_IPV4:
if (inet_pton(AF_INET, s, &ip) == 0)
if (inet_pton(AF_INET, s, &ip) != 1)
errx(1, "Bad ext-community %s not parseable", s);
*v = ntohl(ip.s_addr);
break;

4
usr.sbin/bgpd/parse.y
View File

@ -1,4 +1,4 @@
/* $OpenBSD: parse.y,v 1.466 2024/08/21 09:17:05 florian Exp $ */
/* $OpenBSD: parse.y,v 1.467 2024/08/22 08:17:54 florian Exp $ */
/*
* Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
@ -4503,7 +4503,7 @@ parseextvalue(int type, char *s, uint32_t *v, uint32_t *flag)
*v = uval | (uvalh << 16);
break;
case EXT_COMMUNITY_TRANS_IPV4:
if (inet_pton(AF_INET, s, &ip) == 0) {
if (inet_pton(AF_INET, s, &ip) != 1) {
yyerror("Bad ext-community %s not parseable", s);
return (-1);
}

28
usr.sbin/cron/entry.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: entry.c,v 1.60 2024/08/19 15:08:21 millert Exp $ */
/* $OpenBSD: entry.c,v 1.61 2024/08/23 00:58:04 millert Exp $ */
/*
* Copyright 1988,1990,1993,1994 by Paul Vixie
@ -68,7 +68,7 @@ static const char *DowNames[] = {
static int get_list(bitstr_t *, int, int, const char *[], int, FILE *),
get_range(bitstr_t *, int, int, const char *[], int, FILE *),
get_number(int *, int, const char *[], int, FILE *, const char *),
get_number(int *, int, int, const char *[], int, FILE *, const char *),
set_element(bitstr_t *, int, int, int),
set_range(bitstr_t *, int, int, int, int, int);
@ -489,7 +489,7 @@ get_range(bitstr_t *bits, int low, int high, const char *names[],
return (EOF);
} else {
if (ch != '~') {
ch = get_number(&num1, low, names, ch, file, ",-~ \t\n");
ch = get_number(&num1, low, high, names, ch, file, ",-~ \t\n");
if (ch == EOF)
return (EOF);
}
@ -504,7 +504,7 @@ get_range(bitstr_t *bits, int low, int high, const char *names[],
/* get the number following the dash
*/
ch = get_number(&num2, low, names, ch, file, "/, \t\n");
ch = get_number(&num2, low, high, names, ch, file, "/, \t\n");
if (ch == EOF || num1 > num2)
return (EOF);
break;
@ -517,7 +517,7 @@ get_range(bitstr_t *bits, int low, int high, const char *names[],
/* get the (optional) number following the tilde
*/
ch = get_number(&num2, low, names, ch, file, "/, \t\n");
ch = get_number(&num2, low, high, names, ch, file, "/, \t\n");
if (ch == EOF) {
/* no second number, check for valid terminator
*/
@ -563,6 +563,8 @@ get_range(bitstr_t *bits, int low, int high, const char *names[],
/* check for step size
*/
if (ch == '/') {
const int max_step = high + 1 - low;
/* eat the slash
*/
ch = get_char(file);
@ -574,7 +576,7 @@ get_range(bitstr_t *bits, int low, int high, const char *names[],
* element id, it's a step size. 'low' is
* sent as a 0 since there is no offset either.
*/
ch = get_number(&num3, 0, NULL, ch, file, ", \t\n");
ch = get_number(&num3, 0, max_step, NULL, ch, file, ", \t\n");
if (ch == EOF || num3 == 0)
return (EOF);
if (rndstep) {
@ -604,8 +606,8 @@ get_range(bitstr_t *bits, int low, int high, const char *names[],
}
static int
get_number(int *numptr, int low, const char *names[], int ch, FILE *file,
const char *terms)
get_number(int *numptr, int low, int high, const char *names[], int ch,
FILE *file, const char *terms)
{
char temp[MAX_TEMPSTR], *pc;
int len, i;
@ -622,11 +624,13 @@ get_number(int *numptr, int low, const char *names[], int ch, FILE *file,
}
*pc = '\0';
if (len != 0) {
const char *errstr;
/* got a number, check for valid terminator */
if (!strchr(terms, ch))
goto bad;
i = atoi(temp);
if (i < 0)
i = strtonum(temp, low, high, &errstr);
if (errstr != NULL)
goto bad;
*numptr = i;
return (ch);
@ -678,9 +682,11 @@ set_range(bitstr_t *bits, int low, int high, int start, int stop, int step)
start -= low;
stop -= low;
if (step <= 1 || step > stop) {
if (step <= 1) {
bit_nset(bits, start, stop);
} else {
if (step > stop + 1)
return (EOF);
for (i = start; i <= stop; i += step)
bit_set(bits, i);
}

4
usr.sbin/eigrpd/parse.y
View File

@ -1,4 +1,4 @@
/* $OpenBSD: parse.y,v 1.33 2024/08/21 09:20:36 florian Exp $ */
/* $OpenBSD: parse.y,v 1.34 2024/08/22 08:17:54 florian Exp $ */
/*
* Copyright (c) 2015 Renato Westphal <renato@openbsd.org>
@ -223,7 +223,7 @@ varset : STRING '=' string {
;
conf_main : ROUTERID STRING {
if (!inet_pton(AF_INET, $2, &conf->rtr_id)) {
if (inet_pton(AF_INET, $2, &conf->rtr_id) != 1) {
yyerror("error parsing router-id");
free($2);
YYERROR;

4
usr.sbin/ldpd/parse.y
View File

@ -1,4 +1,4 @@
/* $OpenBSD: parse.y,v 1.73 2024/08/21 09:17:56 florian Exp $ */
/* $OpenBSD: parse.y,v 1.74 2024/08/22 08:17:54 florian Exp $ */
/*
* Copyright (c) 2013, 2015, 2016 Renato Westphal <renato@openbsd.org>
@ -203,7 +203,7 @@ string : string STRING {
;
routerid : STRING {
if (!inet_pton(AF_INET, $1, &$$)) {
if (inet_pton(AF_INET, $1, &$$) != 1) {
yyerror("%s: error parsing router id", $1);
free($1);
YYERROR;

4
usr.sbin/lpr/SMM.doc/spell.ok
View File

@ -8,9 +8,9 @@ Eprinter
LPC
LPD
Lpd
Manual''SMM:5
Manual''SMM:7
SIGINT
SMM:5
SMM:7
Topq
XTABS
adm

13
usr.sbin/npppd/common/addr_range.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: addr_range.c,v 1.7 2024/02/26 08:25:51 yasuoka Exp $ */
/* $OpenBSD: addr_range.c,v 1.8 2024/08/22 07:56:47 florian Exp $ */
/*-
* Copyright (c) 2009 Internet Initiative Japan Inc.
* All rights reserved.
@ -56,13 +56,14 @@
* Author:
* Yasuoka Masahiko <yasuoka@iij.ad.jp>
*
* $Id: addr_range.c,v 1.7 2024/02/26 08:25:51 yasuoka Exp $
* $Id: addr_range.c,v 1.8 2024/08/22 07:56:47 florian Exp $
*/
#ifdef ADDR_RANGE_DEBUG
#define IIJDEBUG
#endif
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
@ -264,23 +265,23 @@ in_addr_range_list_add(struct in_addr_range **list, const char *str)
is_maskaddr = 1;
}
if (inet_aton(p0, &a0) != 1) {
if (inet_pton(AF_INET, p0, &a0) != 1) {
if (errno == 0)
errno = EINVAL;
#ifdef IIJDEBUG
saved_errno = errno;
log_printf(LOG_DL_1, "inet_aton(%s) failed: %m", p0);
log_printf(LOG_DL_1, "inet_pton(%s) failed: %m", p0);
errno = saved_errno;
#endif
free(p0);
return -1;
}
if ((is_range || is_maskaddr) && inet_aton(p1, &a1) != 1) {
if ((is_range || is_maskaddr) && inet_pton(AF_INET, p1, &a1) != 1) {
if (errno == 0)
errno = EINVAL;
#ifdef IIJDEBUG
saved_errno = errno;
log_printf(LOG_DL_1, "inet_aton(%s) failed: %m", p1);
log_printf(LOG_DL_1, "inet_pton(%s) failed: %m", p1);
errno = saved_errno;
#endif
free(p0);

4
usr.sbin/npppd/npppd/npppd_subr.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: npppd_subr.c,v 1.21 2021/03/29 03:54:39 yasuoka Exp $ */
/* $OpenBSD: npppd_subr.c,v 1.22 2024/08/22 07:56:47 florian Exp $ */
/*-
* Copyright (c) 2009 Internet Initiative Japan Inc.
@ -108,7 +108,7 @@ load_resolv_conf(struct in_addr *pri, struct in_addr *sec)
addr = pri;
else
addr = sec;
if (inet_aton(ap, addr) != 1) {
if (inet_pton(AF_INET, ap, addr) != 1) {
/*
* FIXME: If configured IPv6, it may have IPv6
* FIXME: address. For the present, continue.

4
usr.sbin/npppd/npppd/parse.y
View File

@ -1,4 +1,4 @@
/* $OpenBSD: parse.y,v 1.30 2024/07/17 08:26:19 yasuoka Exp $ */
/* $OpenBSD: parse.y,v 1.31 2024/08/22 07:56:47 florian Exp $ */
/*
* Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
@ -639,7 +639,7 @@ addressport : address optport {
;
in4_addr : STRING {
if (inet_aton($1, &($$)) != 1) {
if (inet_pton(AF_INET, $1, &($$)) != 1) {
yyerror("could not parse the address %s", $1);
free($1);
YYERROR;

6
usr.sbin/npppd/npppd/privsep.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: privsep.c,v 1.25 2024/01/18 09:58:23 claudio Exp $ */
/* $OpenBSD: privsep.c,v 1.26 2024/08/22 07:56:47 florian Exp $ */
/*
* Copyright (c) 2010 Yasuoka Masahiko <yasuoka@openbsd.org>
@ -708,7 +708,7 @@ privsep_priv_dispatch_imsg(struct imsgbuf *ibuf)
}
if ((retval = cgetstr(buf, "framed-ip-address",
&str)) >= 0) {
if (inet_aton(str,
if (inet_pton(AF_INET, str,
&r.framed_ip_address) != 1)
goto on_broken_entry;
free(str);
@ -717,7 +717,7 @@ privsep_priv_dispatch_imsg(struct imsgbuf *ibuf)
if ((retval = cgetstr(buf, "framed-ip-netmask",
&str)) >= 0) {
if (inet_aton(str,
if (inet_pton(AF_INET, str,
&r.framed_ip_netmask) != 1)
goto on_broken_entry;
free(str);

4
usr.sbin/ospfd/parse.y
View File

@ -1,4 +1,4 @@
/* $OpenBSD: parse.y,v 1.105 2024/08/21 15:16:56 florian Exp $ */
/* $OpenBSD: parse.y,v 1.106 2024/08/22 08:34:51 tb Exp $ */
/*
* Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org>
@ -620,7 +620,7 @@ areaid : NUMBER {
$$.s_addr = htonl($1);
}
| STRING {
if (inet_pton(AF_INET, $1, &$$) != 1) {
if (inet_pton(AF_INET, $1, &$$) != 1) {
yyerror("error parsing area");
free($1);
YYERROR;

44
usr.sbin/pppd/main.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: main.c,v 1.58 2024/08/10 05:32:28 jsg Exp $ */
/* $OpenBSD: main.c,v 1.59 2024/08/23 00:43:34 millert Exp $ */
/*
* main.c - Point-to-Point Protocol main module
@ -108,6 +108,7 @@ int detached; /* have detached from terminal */
int phase; /* where the link is at */
volatile sig_atomic_t kill_link;
volatile sig_atomic_t open_ccp_flag;
volatile sig_atomic_t got_sigchld;
char **script_env; /* Env. variable values for scripts */
int s_env_nalloc; /* # words avail at script_env */
@ -115,8 +116,6 @@ int s_env_nalloc; /* # words avail at script_env */
u_char outpacket_buf[PPP_MRU+PPP_HDRLEN]; /* buffer for outgoing packet */
u_char inpacket_buf[PPP_MRU+PPP_HDRLEN]; /* buffer for incoming packet */
static int n_children; /* # child processes still running */
static int locked; /* lock() has succeeded */
char *no_ppp_msg = "Sorry - this system lacks PPP kernel support\n";
@ -964,10 +963,7 @@ term(int sig)
static void
chld(int sig)
{
int save_errno = errno;
reap_kids(); /* XXX somewhat unsafe */
errno = save_errno;
got_sigchld = 1;
}
@ -1162,7 +1158,6 @@ run_program(char *prog, char **args, int must_exist)
_exit(1);
}
MAINDEBUG((LOG_DEBUG, "Script %s started; pid = %ld", prog, (long)pid));
++n_children;
return 0;
}
@ -1177,18 +1172,29 @@ reap_kids(void)
int status;
pid_t pid;
if (n_children == 0)
if (!got_sigchld)
return;
if ((pid = waitpid(-1, &status, WNOHANG)) == -1) {
if (errno != ECHILD)
syslog(LOG_ERR, "Error waiting for child process: %m");
return;
}
if (pid > 0) {
--n_children;
if (WIFSIGNALED(status)) {
syslog(LOG_WARNING, "Child process %ld terminated with signal %d",
(long)pid, WTERMSIG(status));
got_sigchld = 0;
for (;;) {
pid = waitpid(-1, &status, WNOHANG);
switch (pid) {
case -1:
if (errno == EINTR)
continue;
if (errno != ECHILD)
syslog(LOG_ERR, "Error waiting for child process: %m");
return;
case 0:
/* No children left */
return;
default:
if (WIFSIGNALED(status)) {
syslog(LOG_WARNING,
"Child process %d terminated with signal %d",
(int)pid, WTERMSIG(status));
}
break;
}
}
}

4
usr.sbin/radiusd/radiusd_ipcp.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: radiusd_ipcp.c,v 1.12 2024/08/16 09:54:21 yasuoka Exp $ */
/* $OpenBSD: radiusd_ipcp.c,v 1.13 2024/08/23 01:23:50 jsg Exp $ */
/*
* Copyright (c) 2024 Internet Initiative Japan Inc.
@ -591,7 +591,7 @@ ipcp_dispatch_control(void *ctx, struct imsg *imsg)
imsg->hdr.peerid, 0, -1, NULL, 0);
if (imsg->hdr.type == IMSG_RADIUSD_MODULE_IPCP_MONITOR)
break;
/* FALLTROUGH */
/* FALLTHROUGH */
case IMSG_RADIUSD_MODULE_IPCP_DUMP:
dumpsiz = MAX_IMSGSIZE;
if ((dump = calloc(1, dumpsiz)) == NULL) {