sync with OpenBSD -current

lib/libssl/s3_lib.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.246 2023/07/08 16:40:13 beck Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.248 2023/11/29 13:39:34 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -150,6 +150,7 @@
 
 #include <limits.h>
 #include <stdio.h>
+#include <stdlib.h>
 
 #include <openssl/bn.h>
 #include <openssl/curve25519.h>
@@ -1413,18 +1414,26 @@ ssl3_get_cipher(unsigned int u)
 		return (NULL);
 }
 
-const SSL_CIPHER *
+static int
-ssl3_get_cipher_by_id(unsigned int id)
+ssl3_cipher_id_cmp(const void *id, const void *cipher)
 {
-	const SSL_CIPHER *cp;
+	unsigned long a = *(const unsigned long *)id;
-	SSL_CIPHER c;
+	unsigned long b = ((const SSL_CIPHER *)cipher)->id;
 
-	c.id = id;
+	return a < b ? -1 : a > b;
-	cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
+}
-	if (cp != NULL && cp->valid == 1)
-		return (cp);
 
-	return (NULL);
+const SSL_CIPHER *
+ssl3_get_cipher_by_id(unsigned long id)
+{
+	const SSL_CIPHER *cipher;
+
+	cipher = bsearch(&id, ssl3_ciphers, SSL3_NUM_CIPHERS, sizeof(*cipher),
+	    ssl3_cipher_id_cmp);
+	if (cipher != NULL && cipher->valid == 1)
+		return cipher;
+
+	return NULL;
 }
 
 const SSL_CIPHER *

lib/libssl/ssl_lib.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.316 2023/11/25 12:05:08 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.317 2023/11/29 13:39:34 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -3638,30 +3638,3 @@ SSL_set_quic_use_legacy_codepoint(SSL *ssl, int use_legacy)
 	/* Not supported. */
 }
 LSSL_ALIAS(SSL_set_quic_use_legacy_codepoint);
-
-static int
-ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
-{
-	long	l;
-
-	l = a->id - b->id;
-	if (l == 0L)
-		return (0);
-	else
-		return ((l > 0) ? 1:-1);
-}
-
-static int
-ssl_cipher_id_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
-{
-	SSL_CIPHER const *a = a_;
-	SSL_CIPHER const *b = b_;
-	return ssl_cipher_id_cmp(a, b);
-}
-
-SSL_CIPHER *
-OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base, int num)
-{
-	return (SSL_CIPHER *)OBJ_bsearch_(key, base, num, sizeof(SSL_CIPHER),
-	    ssl_cipher_id_cmp_BSEARCH_CMP_FN);
-}

lib/libssl/ssl_local.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_local.h,v 1.9 2023/11/25 12:05:08 tb Exp $ */
+/* $OpenBSD: ssl_local.h,v 1.11 2023/11/29 13:39:34 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1304,8 +1304,6 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int include_ticket);
 int ssl_get_new_session(SSL *s, int session);
 int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block,
     int *alert);
-SSL_CIPHER *OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base,
-    int num);
 int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb);
 STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, CBS *cbs);
 STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
@@ -1344,7 +1342,7 @@ int ssl3_get_req_cert_types(SSL *s, CBB *cbb);
 int ssl3_get_message(SSL *s, int st1, int stn, int mt, long max);
 int ssl3_num_ciphers(void);
 const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
-const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
+const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned long id);
 const SSL_CIPHER *ssl3_get_cipher_by_value(uint16_t value);
 uint16_t ssl3_cipher_get_value(const SSL_CIPHER *c);
 int ssl3_renegotiate(SSL *ssl);

share/man/man4/mpii.4

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: mpii.4,v 1.16 2022/10/18 07:04:20 kn Exp $
+.\"	$OpenBSD: mpii.4,v 1.17 2023/11/29 06:59:23 jmatthew Exp $
 .\"
 .\" Copyright (c) 2010 Marco Peereboom <marco@openbsd.org>
 .\" Copyright (c) 2009 David Gwynne <dlg@openbsd.org>
@@ -15,7 +15,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: October 18 2022 $
+.Dd $Mdocdate: November 29 2023 $
 .Dt MPII 4
 .Os
 .Sh NAME
@@ -43,24 +43,30 @@ LSISAS3108,
 LSISAS3408,
 LSISAS3416,
 LSISAS3508,
-LSISAS3516
+LSISAS3516,
+LSISAS3808,
+LSISAS3816,
+LSISAS3908,
+LSISAS3916
 .El
 .Pp
 These chipsets can be found on the following controllers:
 .Pp
 .Bl -dash -offset indent -compact
 .It
-Dell PERC H200, HBA330, 12Gbps SAS HBA
+Dell PERC H200, HBA330, HBA345, HBA350, HBA355, 12Gbps SAS HBA
 .It
 IBM ServeRAID H1110
 .It
-Lenovo N2215, ThinkSystem 430
+Lenovo N2215, ThinkSystem 430, ThinkSystem 440
 .It
 LSI SAS 9200-8e, SAS 9207-8i, SAS 9211-4i, SAS 9211-8i
 .It
-Broadcom SAS 9300, HBA 9400
+Broadcom SAS 9300, HBA 9400, HBA 9500
 .It
 Oracle SPARC T Series Platforms
+.It
+Supermicro AOC-S3808, AOC-S3816
 .El
 .Pp
 Some models of these controllers carry an Integrated RAID (IR) firmware

sys/dev/acpi/acpivar.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: acpivar.h,v 1.124 2023/07/07 07:37:59 claudio Exp $	*/
+/*	$OpenBSD: acpivar.h,v 1.125 2023/11/29 03:41:31 jsg Exp $	*/
 /*
  * Copyright (c) 2005 Thorsten Lockert <tholo@sigmasoft.com>
  *
@@ -69,9 +69,9 @@ struct acpi_attach_args {
 	struct aml_node *aaa_node;
 	const char	*aaa_dev;
 	const char	*aaa_cdev;
-	uint64_t	 aaa_addr[4];
+	uint64_t	 aaa_addr[8];
-	uint64_t	 aaa_size[4];
+	uint64_t	 aaa_size[8];
-	bus_space_tag_t	 aaa_bst[4];
+	bus_space_tag_t	 aaa_bst[8];
 	int		 aaa_naddr;
 	uint32_t	 aaa_irq[8];
 	uint32_t	 aaa_irq_flags[8];

sys/dev/pci/mpii.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: mpii.c,v 1.146 2023/07/06 10:17:43 visa Exp $	*/
+/*	$OpenBSD: mpii.c,v 1.147 2023/11/29 06:54:09 jmatthew Exp $	*/
 /*
  * Copyright (c) 2010, 2012 Mike Belopuhov
  * Copyright (c) 2009 James Giannoules
@@ -162,6 +162,7 @@ struct mpii_softc {
 	int			sc_flags;
 #define MPII_F_RAID		(1<<1)
 #define MPII_F_SAS3		(1<<2)
+#define MPII_F_AERO		(1<<3)
 
 	struct scsibus_softc	*sc_scsibus;
 	unsigned int		sc_pending;
@@ -433,7 +434,11 @@ static const struct pci_matchid mpii_devices[] = {
 	{ PCI_VENDOR_SYMBIOS,	PCI_PRODUCT_SYMBIOS_SAS3508 },
 	{ PCI_VENDOR_SYMBIOS,	PCI_PRODUCT_SYMBIOS_SAS3508_1 },
 	{ PCI_VENDOR_SYMBIOS,	PCI_PRODUCT_SYMBIOS_SAS3516 },
-	{ PCI_VENDOR_SYMBIOS,	PCI_PRODUCT_SYMBIOS_SAS3516_1 }
+	{ PCI_VENDOR_SYMBIOS,	PCI_PRODUCT_SYMBIOS_SAS3516_1 },
+	{ PCI_VENDOR_SYMBIOS,	PCI_PRODUCT_SYMBIOS_SAS38XX },
+	{ PCI_VENDOR_SYMBIOS,	PCI_PRODUCT_SYMBIOS_SAS38XX_1 },
+	{ PCI_VENDOR_SYMBIOS,	PCI_PRODUCT_SYMBIOS_SAS39XX },
+	{ PCI_VENDOR_SYMBIOS,	PCI_PRODUCT_SYMBIOS_SAS39XX_1 },
 };
 
 int
@@ -494,6 +499,15 @@ mpii_attach(struct device *parent, struct device *self, void *aux)
 	}
 	printf(": %s\n", pci_intr_string(sc->sc_pc, ih));
 
+	switch (PCI_PRODUCT(pa->pa_id)) {
+	case PCI_PRODUCT_SYMBIOS_SAS38XX:
+	case PCI_PRODUCT_SYMBIOS_SAS38XX_1:
+	case PCI_PRODUCT_SYMBIOS_SAS39XX:
+	case PCI_PRODUCT_SYMBIOS_SAS39XX_1:
+		SET(sc->sc_flags, MPII_F_AERO);
+		break;
+	}
+
 	if (mpii_iocfacts(sc) != 0) {
 		printf("%s: unable to get iocfacts\n", DEVNAME(sc));
 		goto unmap;
@@ -963,10 +977,24 @@ u_int32_t
 mpii_read(struct mpii_softc *sc, bus_size_t r)
 {
 	u_int32_t			rv;
+	int				i;
 
-	bus_space_barrier(sc->sc_iot, sc->sc_ioh, r, 4,
+	if (ISSET(sc->sc_flags, MPII_F_AERO)) {
-	    BUS_SPACE_BARRIER_READ);
+		i = 0;
-	rv = bus_space_read_4(sc->sc_iot, sc->sc_ioh, r);
+		do {
+			if (i > 0)
+				DNPRINTF(MPII_D_RW, "%s: mpii_read retry %d\n",
+				    DEVNAME(sc), i);
+			bus_space_barrier(sc->sc_iot, sc->sc_ioh, r, 4,
+			    BUS_SPACE_BARRIER_READ);
+			rv = bus_space_read_4(sc->sc_iot, sc->sc_ioh, r);
+			i++;
+		} while (rv == 0 && i < 3);
+	} else {
+		bus_space_barrier(sc->sc_iot, sc->sc_ioh, r, 4,
+		    BUS_SPACE_BARRIER_READ);
+		rv = bus_space_read_4(sc->sc_iot, sc->sc_ioh, r);
+	}
 
 	DNPRINTF(MPII_D_RW, "%s: mpii_read %#lx %#x\n", DEVNAME(sc), r, rv);
 

sys/dev/pci/pcidevs

@@ -1,4 +1,4 @@
-$OpenBSD: pcidevs,v 1.2057 2023/11/26 05:47:21 jsg Exp $
+$OpenBSD: pcidevs,v 1.2058 2023/11/29 06:46:29 jmatthew Exp $
 /*	$NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $	*/
 
 /*
@@ -9120,6 +9120,10 @@ product SYMBIOS SAS3416		0x00ac	SAS3416
 product SYMBIOS SAS3508		0x00ad	SAS3508
 product SYMBIOS SAS3508_1	0x00ae	SAS3508
 product SYMBIOS SAS3408		0x00af	SAS3408
+product SYMBIOS SAS39XX		0x00e1	SAS39XX
+product SYMBIOS SAS39XX_1	0x00e2	SAS39XX
+product SYMBIOS SAS38XX		0x00e5	SAS38XX
+product SYMBIOS SAS38XX_1	0x00e6	SAS38XX
 product SYMBIOS MEGARAID_320	0x0407	MegaRAID 320
 product SYMBIOS MEGARAID_3202E	0x0408	MegaRAID 320-2E
 product SYMBIOS MEGARAID_SATA	0x0409	MegaRAID SATA 4x/8x

sys/dev/pci/pcidevs.h

@@ -2,7 +2,7 @@
  * THIS FILE AUTOMATICALLY GENERATED.  DO NOT EDIT.
  *
  * generated from:
- *	OpenBSD: pcidevs,v 1.2057 2023/11/26 05:47:21 jsg Exp 
+ *	OpenBSD: pcidevs,v 1.2058 2023/11/29 06:46:29 jmatthew Exp 
  */
 /*	$NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $	*/
 
@@ -9125,6 +9125,10 @@
 #define	PCI_PRODUCT_SYMBIOS_SAS3508	0x00ad		/* SAS3508 */
 #define	PCI_PRODUCT_SYMBIOS_SAS3508_1	0x00ae		/* SAS3508 */
 #define	PCI_PRODUCT_SYMBIOS_SAS3408	0x00af		/* SAS3408 */
+#define	PCI_PRODUCT_SYMBIOS_SAS39XX	0x00e1		/* SAS39XX */
+#define	PCI_PRODUCT_SYMBIOS_SAS39XX_1	0x00e2		/* SAS39XX */
+#define	PCI_PRODUCT_SYMBIOS_SAS38XX	0x00e5		/* SAS38XX */
+#define	PCI_PRODUCT_SYMBIOS_SAS38XX_1	0x00e6		/* SAS38XX */
 #define	PCI_PRODUCT_SYMBIOS_MEGARAID_320	0x0407		/* MegaRAID 320 */
 #define	PCI_PRODUCT_SYMBIOS_MEGARAID_3202E	0x0408		/* MegaRAID 320-2E */
 #define	PCI_PRODUCT_SYMBIOS_MEGARAID_SATA	0x0409		/* MegaRAID SATA 4x/8x */

sys/dev/pci/pcidevs_data.h

@@ -2,7 +2,7 @@
  * THIS FILE AUTOMATICALLY GENERATED.  DO NOT EDIT.
  *
  * generated from:
- *	OpenBSD: pcidevs,v 1.2057 2023/11/26 05:47:21 jsg Exp 
+ *	OpenBSD: pcidevs,v 1.2058 2023/11/29 06:46:29 jmatthew Exp 
  */
 
 /*	$NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $	*/
@@ -32767,6 +32767,22 @@ static const struct pci_known_product pci_known_products[] = {
 	    PCI_VENDOR_SYMBIOS, PCI_PRODUCT_SYMBIOS_SAS3408,
 	    "SAS3408",
 	},
+	{
+	    PCI_VENDOR_SYMBIOS, PCI_PRODUCT_SYMBIOS_SAS39XX,
+	    "SAS39XX",
+	},
+	{
+	    PCI_VENDOR_SYMBIOS, PCI_PRODUCT_SYMBIOS_SAS39XX_1,
+	    "SAS39XX",
+	},
+	{
+	    PCI_VENDOR_SYMBIOS, PCI_PRODUCT_SYMBIOS_SAS38XX,
+	    "SAS38XX",
+	},
+	{
+	    PCI_VENDOR_SYMBIOS, PCI_PRODUCT_SYMBIOS_SAS38XX_1,
+	    "SAS38XX",
+	},
 	{
 	    PCI_VENDOR_SYMBIOS, PCI_PRODUCT_SYMBIOS_MEGARAID_320,
 	    "MegaRAID 320",

sys/kern/kern_malloc.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_malloc.c,v 1.148 2022/08/14 01:58:27 jsg Exp $	*/
+/*	$OpenBSD: kern_malloc.c,v 1.149 2023/11/29 11:47:15 claudio Exp $	*/
 /*	$NetBSD: kern_malloc.c,v 1.15.4.2 1996/06/13 17:10:56 cgd Exp $	*/
 
 /*
@@ -88,18 +88,13 @@ struct vm_map *kmem_map = NULL;
 u_int	nkmempages = NKMEMPAGES;
 
 /*
- * Defaults for lower- and upper-bounds for the kmem_map page count.
+ * Defaults for upper-bounds for the kmem_map page count.
  * Can be overridden by kernel config options.
  */
-#ifndef	NKMEMPAGES_MIN
-#define	NKMEMPAGES_MIN	0
-#endif
-u_int	nkmempages_min = 0;
-
 #ifndef NKMEMPAGES_MAX
 #define	NKMEMPAGES_MAX	NKMEMPAGES_MAX_DEFAULT
 #endif
-u_int	nkmempages_max = 0;
+u_int	nkmempages_max = NKMEMPAGES_MAX;
 
 struct mutex malloc_mtx = MUTEX_INITIALIZER(IPL_VM);
 struct kmembuckets bucket[MINBUCKET + 16];
@@ -517,17 +512,6 @@ kmeminit_nkmempages(void)
 		return;
 	}
 
-	/*
-	 * We can't initialize these variables at compilation time, since
-	 * the page size may not be known (on sparc GENERIC kernels, for
-	 * example). But we still want the MD code to be able to provide
-	 * better values.
-	 */
-	if (nkmempages_min == 0)
-		nkmempages_min = NKMEMPAGES_MIN;
-	if (nkmempages_max == 0)
-		nkmempages_max = NKMEMPAGES_MAX;
-
 	/*
 	 * We use the following (simple) formula:
 	 *
@@ -542,9 +526,6 @@ kmeminit_nkmempages(void)
 	if (npages > nkmempages_max)
 		npages = nkmempages_max;
 
-	if (npages < nkmempages_min)
-		npages = nkmempages_min;
-
 	nkmempages = npages;
 }
 

usr.bin/awk/FIXES

@@ -25,6 +25,12 @@ THIS SOFTWARE.
 This file lists all bug fixes, changes, etc., made since the 
 second edition of the AWK book was published in September 2023.
 
+Nov 27, 2023:
+	Fix exit status of system on MacOS. update to REGRESS.
+	Thanks to Arnold Robbins. 
+	Fix inconsistent handling of -F and --csv, and loss of csv
+	mode when FS is set. Thanks to Wilbert van der Poel.
+	
 Nov 24, 2023:
         Fix issue #199: gototab improvements to dynamically resize the
         table, qsort and bsearch to improve the lookup speed as the

usr.bin/awk/README.md

@@ -32,8 +32,6 @@ Aribtrary characters may be included with `\u` followed by 1 to 8 hexadecimal di
 ### Regular expressions ###
 
 Regular expressions may include UTF-8 code points, including `\u`.
-Character classes are likely to be limited to about 256 characters
-when expanded.
 
 ### CSV ###
 

usr.bin/awk/lib.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: lib.c,v 1.54 2023/10/30 17:52:54 millert Exp $	*/
+/*	$OpenBSD: lib.c,v 1.55 2023/11/28 20:54:38 millert Exp $	*/
 /****************************************************************
 Copyright (C) Lucent Technologies 1997
 All Rights Reserved
@@ -396,7 +396,7 @@ void fldbld(void)	/* create fields from current record */
 	i = 0;	/* number of fields accumulated here */
 	if (inputFS == NULL)	/* make sure we have a copy of FS */
 		savefs();
-	if (strlen(inputFS) > 1) {	/* it's a regular expression */
+	if (!CSV && strlen(inputFS) > 1) {	/* it's a regular expression */
 		i = refldbld(r, inputFS);
 	} else if (!CSV && (sep = *inputFS) == ' ') {	/* default whitespace */
 		for (i = 0; ; ) {

usr.bin/awk/main.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: main.c,v 1.66 2023/11/25 16:31:33 millert Exp $	*/
+/*	$OpenBSD: main.c,v 1.67 2023/11/28 20:54:38 millert Exp $	*/
 /****************************************************************
 Copyright (C) Lucent Technologies 1997
 All Rights Reserved
@@ -23,7 +23,7 @@ ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF
 THIS SOFTWARE.
 ****************************************************************/
 
-const char	*version = "version 20231124";
+const char	*version = "version 20231127";
 
 #define DEBUG
 #include <stdio.h>
@@ -180,6 +180,8 @@ int main(int argc, char *argv[])
 		}
 		if (strcmp(argv[1], "--csv") == 0) {	/* turn on csv input processing */
 			CSV = true;
+			if (fs)
+				WARNING("danger: don't set FS when --csv is in effect");
 			argc--;
 			argv++;
 			continue;
@@ -201,6 +203,8 @@ int main(int argc, char *argv[])
  			break;
 		case 'F':	/* set field separator */
 			fs = setfs(getarg(&argc, &argv, "no field separator"));
+			if (CSV)
+				WARNING("danger: don't set FS when --csv is in effect");
 			break;
 		case 'v':	/* -v a=1 to be done NOW.  one -v for each */
 			vn = getarg(&argc, &argv, "no variable name");

usr.bin/awk/run.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: run.c,v 1.82 2023/11/25 16:31:33 millert Exp $	*/
+/*	$OpenBSD: run.c,v 1.83 2023/11/28 20:54:38 millert Exp $	*/
 /****************************************************************
 Copyright (C) Lucent Technologies 1997
 All Rights Reserved
@@ -2069,6 +2069,7 @@ Cell *bltin(Node **a, int n)	/* builtin functions. a[0] is type, a[1] is arg lis
 	int status = 0;
 	time_t tv;
 	struct tm *tm, tmbuf;
+	int estatus = 0;
 
 	t = ptoi(a[0]);
 	x = execute(a[1]);
@@ -2169,20 +2170,21 @@ Cell *bltin(Node **a, int n)	/* builtin functions. a[0] is type, a[1] is arg lis
 		break;
 	case FSYSTEM:
 		fflush(stdout);		/* in case something is buffered already */
-		status = system(getsval(x));
+		estatus = status = system(getsval(x));
-		u = status;
 		if (status != -1) {
 			if (WIFEXITED(status)) {
-				u = WEXITSTATUS(status);
+				estatus = WEXITSTATUS(status);
 			} else if (WIFSIGNALED(status)) {
-				u = WTERMSIG(status) + 256;
+				estatus = WTERMSIG(status) + 256;
 #ifdef WCOREDUMP
 				if (WCOREDUMP(status))
-					u += 256;
+					estatus += 256;
 #endif
 			} else	/* something else?!? */
-				u = 0;
+				estatus = 0;
 		}
+		/* else estatus was set to -1 */
+		u = estatus;
 		break;
 	case FRAND:
 		/* random() returns numbers in [0..2^31-1]

usr.sbin/pkg_add/package.5

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: package.5,v 1.32 2022/12/28 21:30:18 jmc Exp $
+.\"	$OpenBSD: package.5,v 1.33 2023/11/29 14:32:01 espie Exp $
 .\" Copyright (c) 2005-2006 Marc Espie <espie@openbsd.org>
 .\"
 .\" Permission to use, copy, modify, and distribute this software for any
@@ -12,12 +12,14 @@
 .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.Dd $Mdocdate: December 28 2022 $
+.Dd $Mdocdate: November 29 2023 $
 .Dt PACKAGE 5
 .Os
 .Sh NAME
-.Nm package
+.Nm package ,
-.Nd format for OpenBSD binary packages
+.Nm packing-list ,
+.Nm plist
+.Nd format for OpenBSD binary packages and packing-lists
 .Sh DESCRIPTION
 Binary packages for
 .Ox
@@ -54,12 +56,19 @@ devices.
 .Pp
 In order to allow just-in-time extraction,
 packages always begin with a table of contents, named
-.Pa +CONTENTS .
+.Pa +CONTENTS ,
+nicknamed
+.Nm packing-list
+.Po
+.Nm plist
+for short
+.Pc .
 This table of contents can be read using the API described in
 .Xr OpenBSD::PackingList 3p .
 .Pp
-All the remaining information in the archive should be referenced in
+All the remaining information in the archive should be referenced in the
-the packing-list, including all relevant information: symlinks destinations,
+.Nm packing-list ,
+including symlinks destinations,
 special permissions, and file owners
 .Po
 .Xr pkg_create 1
@@ -97,13 +106,17 @@ Starting with
 .Ox 5.6 ,
 tarballs are stored
 .Qq out-of-order :
-each archive entry will match an entry in the packing-list (and all file-like
+each archive entry will match an entry in the
-entries will be matched), but the order will be adjusted so that most recently
+.Nm packing-list
-changed files come first, in order to allow faster updates.
+(and all file-like entries will be matched), but the order will be adjusted
+so that most recently changed files come first, in order to allow
+faster updates.
 .Pp
 Starting with
 .Ox 5.7 ,
-by default, timestamps are stored directly in the packing-list as
+by default, timestamps are stored directly in the
+.Nm packing-list
+as
 .Cm @ts
 annotations.
 The files in the archive will have a null timestamp.
@@ -185,7 +198,8 @@ Some options are automatically inserted/modified by the package tools:
 .Bl -tag -width indent
 .It Ar always-update
 .Xr pkg_create 1
-will complete the option line with a sha256 digest of the whole packing-list
+will complete the option line with a sha256 digest of the whole
+.Nm packing-list
 encoded in base64.
 .It Ar firmware
 Set by
@@ -259,12 +273,9 @@ All information within a package is checksummed, using SHA256 since
 .Ox 4.4 .
 During creation and installation, meta-information, such as file owners and
 permissions, are also checked: any important stuff that isn't recorded
-in the packing-list is an error.
+in the
-.Pp
+.Nm packing-list
-Packing-lists can be signed.
+is an error.
-If a signature is found, then it will be checked
-during installation, and failure to verify will prevent the package from
-installing correctly.
 .Pp
 Starting with
 .Ox 6.1 ,
@@ -288,4 +299,5 @@ Packages are valid gzip'ed ustar archives that can be extracted using
 In particular, hardlink names should be valid, and all items will
 extract to different names.
 However, it may be a bit difficult to make sense of the package contents
-without peeking at the packing-list.
+without peeking at the
+.Nm packing-list .

usr.sbin/relayd/relay_http.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: relay_http.c,v 1.84 2022/12/28 21:38:29 jmc Exp $	*/
+/*	$OpenBSD: relay_http.c,v 1.86 2023/11/29 15:35:07 millert Exp $	*/
 
 /*
  * Copyright (c) 2006 - 2016 Reyk Floeter <reyk@openbsd.org>
@@ -161,6 +161,20 @@ relay_httpdesc_free(struct http_descriptor *desc)
 	desc->http_lastheader = NULL;
 }
 
+static int
+relay_http_header_name_valid(const char *name)
+{
+	/*
+	 * RFC 9110 specifies that only the following characters are
+	 * permitted within HTTP header field names.
+	 */
+	const char token_chars[] = "!#$%&'*+-.^_`|~0123456789"
+	    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+	const size_t len = strspn(name, token_chars);
+
+	return (name[len] == '\0');
+}
+
 void
 relay_read_http(struct bufferevent *bev, void *arg)
 {
@@ -196,10 +210,15 @@ relay_read_http(struct bufferevent *bev, void *arg)
 		goto done;
 	}
 
-	while (!cre->done) {
+	for (;;) {
 		line = evbuffer_readln(src, &linelen, EVBUFFER_EOL_CRLF);
-		if (line == NULL)
+		if (line == NULL) {
+			/*
+			 * We do not process the last header on premature
+			 * EOF as it may not be complete.
+			 */
 			break;
+		}
 
 		/*
 		 * An empty line indicates the end of the request.
@@ -208,35 +227,168 @@ relay_read_http(struct bufferevent *bev, void *arg)
 		if (linelen == 0) {
 			cre->done = 1;
 			free(line);
+			line = NULL;
+			if (cre->line > 1) {
+				/* Process last (complete) header line. */
+				goto last_header;
+			}
 			break;
 		}
-		key = line;
 
 		/* Limit the total header length minus \r\n */
 		cre->headerlen += linelen;
 		if (cre->headerlen > proto->httpheaderlen) {
-			free(line);
 			relay_abort_http(con, 413,
 			    "request headers too large", 0);
-			return;
+			goto abort;
 		}
 
+		/* Reject requests with an embedded NUL byte. */
+		if (memchr(line, '\0', linelen) != NULL) {
+			relay_abort_http(con, 400, "malformed", 0);
+			goto abort;
+		}
+
+		hs = con->se_priv;
+		DPRINTF("%s: session %d http_session %p", __func__,
+			con->se_id, hs);
+
 		/*
 		 * The first line is the GET/POST/PUT/... request,
 		 * subsequent lines are HTTP headers.
 		 */
-		if (++cre->line == 1)
+		if (++cre->line == 1) {
-			value = strchr(key, ' ');
+			key = line;
-		else if (*key == ' ' || *key == '\t')
+			if ((value = strchr(key, ' ')) == NULL) {
-			/* Multiline headers wrap with a space or tab */
-			value = NULL;
-		else
-			value = strchr(key, ':');
-		if (value == NULL) {
-			if (cre->line <= 2) {
-				free(line);
 				relay_abort_http(con, 400, "malformed", 0);
-				return;
+				goto abort;
+			}
+			*value++ = '\0';
+
+			if (cre->dir == RELAY_DIR_RESPONSE) {
+				desc->http_method = HTTP_METHOD_RESPONSE;
+				hmn = SIMPLEQ_FIRST(&hs->hs_methods);
+
+				/*
+				 * There is nothing preventing the relay from
+				 * sending an unbalanced response.  Be prepared.
+				 */
+				if (hmn == NULL) {
+					request_method = HTTP_METHOD_NONE;
+					DPRINTF("%s: session %d unbalanced "
+					    "response", __func__, con->se_id);
+				} else {
+					SIMPLEQ_REMOVE_HEAD(&hs->hs_methods,
+					    hmn_entry);
+					request_method = hmn->hmn_method;
+					DPRINTF("%s: session %d dequeuing %s",
+					    __func__, con->se_id,
+					    relay_httpmethod_byid(request_method));
+					free(hmn);
+				}
+
+				/*
+				 * Decode response path and query
+				 */
+				desc->http_version = strdup(key);
+				if (desc->http_version == NULL) {
+					free(line);
+					goto fail;
+				}
+				desc->http_rescode = strdup(value);
+				if (desc->http_rescode == NULL) {
+					free(line);
+					goto fail;
+				}
+				desc->http_resmesg = strchr(desc->http_rescode,
+				    ' ');
+				if (desc->http_resmesg == NULL) {
+					free(line);
+					goto fail;
+				}
+				*desc->http_resmesg++ = '\0';
+				desc->http_resmesg = strdup(desc->http_resmesg);
+				if (desc->http_resmesg == NULL) {
+					free(line);
+					goto fail;
+				}
+				desc->http_status = strtonum(desc->http_rescode,
+				    100, 599, &errstr);
+				if (errstr) {
+					DPRINTF(
+					    "%s: http_status %s: errno %d, %s",
+					    __func__, desc->http_rescode, errno,
+					    errstr);
+					free(line);
+					goto fail;
+				}
+				DPRINTF("http_version %s http_rescode %s "
+				    "http_resmesg %s", desc->http_version,
+				    desc->http_rescode, desc->http_resmesg);
+			} else if (cre->dir == RELAY_DIR_REQUEST) {
+				desc->http_method =
+				    relay_httpmethod_byname(key);
+				if (desc->http_method == HTTP_METHOD_NONE) {
+					free(line);
+					goto fail;
+				}
+				if ((hmn = calloc(1, sizeof *hmn)) == NULL) {
+					free(line);
+					goto fail;
+				}
+				hmn->hmn_method = desc->http_method;
+				DPRINTF("%s: session %d enqueuing %s",
+				    __func__, con->se_id,
+				    relay_httpmethod_byid(hmn->hmn_method));
+				SIMPLEQ_INSERT_TAIL(&hs->hs_methods, hmn,
+				    hmn_entry);
+				/*
+				 * Decode request path and query
+				 */
+				desc->http_path = strdup(value);
+				if (desc->http_path == NULL) {
+					free(line);
+					goto fail;
+				}
+				desc->http_version = strchr(desc->http_path,
+				    ' ');
+				if (desc->http_version == NULL) {
+					free(line);
+					goto fail;
+				}
+				*desc->http_version++ = '\0';
+				desc->http_query = strchr(desc->http_path, '?');
+				if (desc->http_query != NULL)
+					*desc->http_query++ = '\0';
+
+				/*
+				 * Have to allocate the strings because they
+				 * could be changed independently by the
+				 * filters later.
+				 */
+				if ((desc->http_version =
+				    strdup(desc->http_version)) == NULL) {
+					free(line);
+					goto fail;
+				}
+				if (desc->http_query != NULL &&
+				    (desc->http_query =
+				    strdup(desc->http_query)) == NULL) {
+					free(line);
+					goto fail;
+				}
+			}
+
+			free(line);
+			continue;
+		}
+
+		/* Multiline headers wrap with a space or tab. */
+		if (*line == ' ' || *line == '\t') {
+			if (cre->line == 2) {
+				/* First header line cannot start with space. */
+				relay_abort_http(con, 400, "malformed", 0);
+				goto abort;
 			}
 
 			/* Append line to the last header, if present */
@@ -249,220 +401,134 @@ relay_read_http(struct bufferevent *bev, void *arg)
 			free(line);
 			continue;
 		}
-		if (*value == ':') {
-			*value++ = '\0';
-			value += strspn(value, " \t\r\n");
-		} else {
-			*value++ = '\0';
-		}
 
-		DPRINTF("%s: session %d: header '%s: %s'", __func__,
+		/* Process the last complete header line. */
-		    con->se_id, key, value);
+ last_header:
+		if (desc->http_lastheader != NULL) {
+			key = desc->http_lastheader->kv_key;
+			value = desc->http_lastheader->kv_value;
 
-		hs = con->se_priv;
+			DPRINTF("%s: session %d: header '%s: %s'", __func__,
-		DPRINTF("%s: session %d http_session %p", __func__,
+			    con->se_id, key, value);
-			con->se_id, hs);
 
-		/*
+			if (desc->http_method != HTTP_METHOD_NONE &&
-		 * Identify and handle specific HTTP request methods
+			    strcasecmp("Content-Length", key) == 0) {
-		 */
-		if (cre->line == 1 && cre->dir == RELAY_DIR_RESPONSE) {
-			desc->http_method = HTTP_METHOD_RESPONSE;
-			hmn = SIMPLEQ_FIRST(&hs->hs_methods);
-
-			/*
-			 * There is nothing preventing the relay to send
-			 * an unbalanced response.  Be prepared.
-			 */
-			if (hmn == NULL) {
-				request_method = HTTP_METHOD_NONE;
-				DPRINTF("%s: session %d unbalanced response",
-				    __func__, con->se_id);
-			} else {
-				SIMPLEQ_REMOVE_HEAD(&hs->hs_methods, hmn_entry);
-				request_method = hmn->hmn_method;
-				DPRINTF("%s: session %d dequeuing %s", __func__,
-				    con->se_id,
-				    relay_httpmethod_byid(request_method));
-				free(hmn);
-			}
-
-			/*
-			 * Decode response path and query
-			 */
-			desc->http_version = strdup(line);
-			if (desc->http_version == NULL) {
-				free(line);
-				goto fail;
-			}
-			desc->http_rescode = strdup(value);
-			if (desc->http_rescode == NULL) {
-				free(line);
-				goto fail;
-			}
-			desc->http_resmesg = strchr(desc->http_rescode, ' ');
-			if (desc->http_resmesg == NULL) {
-				free(line);
-				goto fail;
-			}
-			*desc->http_resmesg++ = '\0';
-			if ((desc->http_resmesg = strdup(desc->http_resmesg))
-			    == NULL) {
-				free(line);
-				goto fail;
-			}
-			desc->http_status = strtonum(desc->http_rescode, 100,
-			    599, &errstr);
-			if (errstr) {
-				DPRINTF("%s: http_status %s: errno %d, %s",
-				    __func__, desc->http_rescode, errno,
-				    errstr);
-				free(line);
-				goto fail;
-			}
-			DPRINTF("http_version %s http_rescode %s "
-			    "http_resmesg %s", desc->http_version,
-			    desc->http_rescode, desc->http_resmesg);
-			goto lookup;
-		} else if (cre->line == 1 && cre->dir == RELAY_DIR_REQUEST) {
-			if ((desc->http_method = relay_httpmethod_byname(key))
-			    == HTTP_METHOD_NONE) {
-				free(line);
-				goto fail;
-			}
-			if ((hmn = calloc(1, sizeof *hmn)) == NULL) {
-				free(line);
-				goto fail;
-			}
-			hmn->hmn_method = desc->http_method;
-			DPRINTF("%s: session %d enqueuing %s", __func__,
-			    con->se_id,
-			    relay_httpmethod_byid(hmn->hmn_method));
-			SIMPLEQ_INSERT_TAIL(&hs->hs_methods, hmn, hmn_entry);
-			/*
-			 * Decode request path and query
-			 */
-			desc->http_path = strdup(value);
-			if (desc->http_path == NULL) {
-				free(line);
-				goto fail;
-			}
-			desc->http_version = strchr(desc->http_path, ' ');
-			if (desc->http_version == NULL) {
-				free(line);
-				goto fail;
-			}
-			*desc->http_version++ = '\0';
-			desc->http_query = strchr(desc->http_path, '?');
-			if (desc->http_query != NULL)
-				*desc->http_query++ = '\0';
-
-			/*
-			 * Have to allocate the strings because they could
-			 * be changed independently by the filters later.
-			 */
-			if ((desc->http_version =
-			    strdup(desc->http_version)) == NULL) {
-				free(line);
-				goto fail;
-			}
-			if (desc->http_query != NULL &&
-			    (desc->http_query =
-			    strdup(desc->http_query)) == NULL) {
-				free(line);
-				goto fail;
-			}
-		} else if (desc->http_method != HTTP_METHOD_NONE &&
-		    strcasecmp("Content-Length", key) == 0) {
-			/*
-			 * These methods should not have a body
-			 * and thus no Content-Length header.
-			 */
-			if (desc->http_method == HTTP_METHOD_TRACE ||
-			    desc->http_method == HTTP_METHOD_CONNECT) {
-				relay_abort_http(con, 400, "malformed", 0);
-				goto abort;
-			}
-			/*
-			 * HEAD responses may provide a Content-Length header,
-			 * but if so it should just be ignored, since there is
-			 * no actual payload in the response.
-			 */
-			if (desc->http_method != HTTP_METHOD_RESPONSE
-			    || request_method != HTTP_METHOD_HEAD) {
 				/*
-				 * Need to read data from the client after the
+				 * These methods should not have a body
-				 * HTTP header.
+				 * and thus no Content-Length header.
-				 * XXX What about non-standard clients not
-				 * using the carriage return? And some browsers
-				 * seem to include the line length in the
-				 * content-length.
 				 */
-				cre->toread = strtonum(value, 0, LLONG_MAX,
+				if (desc->http_method == HTTP_METHOD_TRACE ||
-				    &errstr);
+				    desc->http_method == HTTP_METHOD_CONNECT) {
-				if (errstr) {
+					relay_abort_http(con, 400, "malformed",
-					relay_abort_http(con, 500, errstr, 0);
+					    0);
+					goto abort;
+				}
+				/*
+				 * HEAD responses may provide a Content-Length
+				 * header, but if so it should just be ignored,
+				 * since there is no actual payload in the
+				 * response.
+				 */
+				if (desc->http_method != HTTP_METHOD_RESPONSE
+				    || request_method != HTTP_METHOD_HEAD) {
+					/*
+					 * Need to read data from the client
+					 * after the HTTP header.
+					 * XXX What about non-standard clients
+					 * not using the carriage return? And
+					 * some browsers seem to include the
+					 * line length in the content-length.
+					 */
+					if (*value == '+' || *value == '-') {
+						errstr = "invalid";
+					} else {
+						cre->toread = strtonum(value, 0,
+						    LLONG_MAX, &errstr);
+					}
+					if (errstr) {
+						relay_abort_http(con, 500,
+						    errstr, 0);
+						goto abort;
+					}
+				}
+				/*
+				 * Response with a status code of 1xx
+				 * (Informational) or 204 (No Content) MUST
+				 * not have a Content-Length (rfc 7230 3.3.3)
+				 * Instead we check for value != 0 because there
+				 * are servers that do not follow the rfc and
+				 * send Content-Length: 0.
+				 */
+				if (desc->http_method == HTTP_METHOD_RESPONSE &&
+				    (((desc->http_status >= 100 &&
+				    desc->http_status < 200) ||
+				    desc->http_status == 204)) &&
+				    cre->toread != 0) {
+					relay_abort_http(con, 502,
+					    "Bad Gateway", 0);
 					goto abort;
 				}
 			}
-			/*
+			if (strcasecmp("Transfer-Encoding", key) == 0) {
-			 * response with a status code of 1xx
+				/* We don't support other encodings. */
-			 * (Informational) or 204 (No Content) MUST
+				if (strcasecmp("chunked", value) != 0) {
-			 * not have a Content-Length (rfc 7230 3.3.3)
-			 * Instead we check for value != 0 because there are
-			 * servers that do not follow the rfc and send
-			 * Content-Length: 0.
-			 */
-			if (desc->http_method == HTTP_METHOD_RESPONSE && (
-			    ((desc->http_status >= 100 &&
-			    desc->http_status < 200) ||
-			    desc->http_status == 204)) &&
-			    cre->toread != 0) {
-				relay_abort_http(con, 502,
-				    "Bad Gateway", 0);
-				goto abort;
-			}
-		}
- lookup:
-		if (strcasecmp("Transfer-Encoding", key) == 0 &&
-		    strcasecmp("chunked", value) == 0)
-			desc->http_chunked = 1;
-
-		/* The following header should only occur once */
-		if (strcasecmp("Host", key) == 0) {
-			unique = 1;
-
-			/*
-			 * The path may contain a URL.  The host in the
-			 * URL has to match the Host: value.
-			 */
-			if (parse_url(desc->http_path,
-			    &urlproto, &host, &path) == 0) {
-				ret = strcasecmp(host, value);
-				free(urlproto);
-				free(host);
-				free(path);
-				if (ret != 0) {
 					relay_abort_http(con, 400,
-					    "malformed host", 0);
+					    "malformed", 0);
 					goto abort;
 				}
+				desc->http_chunked = 1;
 			}
-		} else
-			unique = 0;
 
-		if (cre->line != 1) {
+			if (strcasecmp("Host", key) == 0) {
-			if ((hdr = kv_add(&desc->http_headers, key,
+				/*
-			    value, unique)) == NULL) {
+				 * The path may contain a URL.  The host in the
-				relay_abort_http(con, 400,
+				 * URL has to match the Host: value.
-				    "malformed header", 0);
+				 */
-				goto abort;
+				if (parse_url(desc->http_path,
+				    &urlproto, &host, &path) == 0) {
+					ret = strcasecmp(host, value);
+					free(urlproto);
+					free(host);
+					free(path);
+					if (ret != 0) {
+						relay_abort_http(con, 400,
+						    "malformed host", 0);
+						goto abort;
+					}
+				}
 			}
-			desc->http_lastheader = hdr;
 		}
 
+		if (cre->done)
+			break;
+
+		/* Validate header field name and check for missing value. */
+		key = line;
+		if ((value = strchr(line, ':')) == NULL) {
+			relay_abort_http(con, 400, "malformed", 0);
+			goto abort;
+		}
+		*value++ = '\0';
+		value += strspn(value, " \t\r\n");
+
+		if (!relay_http_header_name_valid(key)) {
+			relay_abort_http(con, 400, "malformed", 0);
+			goto abort;
+		}
+
+		/* The "Host" header must only occur once. */
+		unique = strcasecmp("Host", key) == 0;
+
+		if ((hdr = kv_add(&desc->http_headers, key,
+		    value, unique)) == NULL) {
+			relay_abort_http(con, 400, "malformed header", 0);
+			goto abort;
+		}
+		desc->http_lastheader = hdr;
+
 		free(line);
 	}
+
 	if (cre->done) {
 		if (desc->http_method == HTTP_METHOD_NONE) {
 			relay_abort_http(con, 406, "no method", 0);
@@ -721,7 +787,7 @@ relay_read_httpchunks(struct bufferevent *bev, void *arg)
 	struct rsession		*con = cre->con;
 	struct protocol		*proto = con->se_relay->rl_proto;
 	struct evbuffer		*src = EVBUFFER_INPUT(bev);
-	char			*line;
+	char			*line, *ep;
 	long long		 llval;
 	size_t			 size, linelen;
 
@@ -766,10 +832,19 @@ relay_read_httpchunks(struct bufferevent *bev, void *arg)
 		}
 
 		/*
-		 * Read prepended chunk size in hex, ignore the trailer.
+		 * Read prepended chunk size in hex without leading +0[Xx].
 		 * The returned signed value must not be negative.
 		 */
-		if (sscanf(line, "%llx", &llval) != 1 || llval < 0) {
+		if (line[0] == '+' || line[0] == '-' ||
+		    (line[0] == '0' && (line[1] == 'x' || line[1] == 'X'))) {
+			/* Reject values like 0xdead and 0XBEEF or +FEED. */
+			ep = line;
+		} else {
+			errno = 0;
+			llval = strtoll(line, &ep, 16);
+		}
+		if (ep == line || *ep != '\0' || llval < 0 ||
+		    (errno == ERANGE && llval == LLONG_MAX)) {
 			free(line);
 			relay_close(con, "invalid chunk size", 1);
 			return;