diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index f5114d5ca..d67bb4431 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.132 2023/06/25 19:29:30 tb Exp $ +# $OpenBSD: Makefile,v 1.133 2023/06/29 06:12:04 tb Exp $ LIB= crypto LIBREBUILD=y @@ -18,7 +18,7 @@ CFLAGS+= -Wall -Wundef .if ${COMPILER_VERSION:L} == "clang" CFLAGS+= -Werror -Wshadow .endif -CFLAGS+= -DLIBRESSL_INTERNAL -DLIBRESSL_CRYPTO_INTERNAL +CFLAGS+= -DLIBRESSL_INTERNAL .ifdef NAMESPACE CFLAGS+= -DLIBRESSL_NAMESPACE -DLIBRESSL_CRYPTO_NAMESPACE .endif diff --git a/lib/libcrypto/evp/names.c b/lib/libcrypto/evp/names.c index a27a18754..10ce13bb8 100644 --- a/lib/libcrypto/evp/names.c +++ b/lib/libcrypto/evp/names.c @@ -1,4 +1,4 @@ -/* $OpenBSD: names.c,v 1.16 2022/11/26 16:08:52 tb Exp $ */ +/* $OpenBSD: names.c,v 1.17 2023/06/29 06:11:33 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -64,6 +64,9 @@ #include "evp_local.h" +extern int obj_cleanup_defer; +void check_defer(int nid); + int EVP_add_cipher(const EVP_CIPHER *c) { diff --git a/lib/libcrypto/man/EC_GROUP_copy.3 b/lib/libcrypto/man/EC_GROUP_copy.3 index 6aa569596..c83ee3d5b 100644 --- a/lib/libcrypto/man/EC_GROUP_copy.3 +++ b/lib/libcrypto/man/EC_GROUP_copy.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EC_GROUP_copy.3,v 1.13 2022/07/02 17:09:09 jsing Exp $ +.\" $OpenBSD: EC_GROUP_copy.3,v 1.14 2023/06/28 18:07:07 tb Exp $ .\" full merge up to: OpenSSL d900a015 Oct 8 14:40:42 2015 +0200 .\" selective merge up to: OpenSSL 24c23e1f Aug 22 10:51:25 2019 +0530 .\" @@ -51,7 +51,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 2 2022 $ +.Dd $Mdocdate: June 28 2023 $ .Dt EC_GROUP_COPY 3 .Os .Sh NAME @@ -76,9 +76,7 @@ .Nm EC_GROUP_check , .Nm EC_GROUP_check_discriminant , .Nm EC_GROUP_cmp , -.Nm EC_GROUP_get_basis_type , -.Nm EC_GROUP_get_trinomial_basis , -.Nm EC_GROUP_get_pentanomial_basis +.Nm EC_GROUP_get_basis_type .Nd manipulate EC_GROUP objects .Sh SYNOPSIS .In openssl/ec.h @@ -188,18 +186,6 @@ .Fo EC_GROUP_get_basis_type .Fa "const EC_GROUP *" .Fc -.Ft int -.Fo EC_GROUP_get_trinomial_basis -.Fa "const EC_GROUP *" -.Fa "unsigned int *k" -.Fc -.Ft int -.Fo EC_GROUP_get_pentanomial_basis -.Fa "const EC_GROUP *" -.Fa "unsigned int *k1" -.Fa "unsigned int *k2" -.Fa "unsigned int *k3" -.Fc .Sh DESCRIPTION These functions operate on .Vt EC_GROUP @@ -398,48 +384,15 @@ and .Fa b to determine whether they represent the same curve or not. .Pp -The functions -.Fn EC_GROUP_get_basis_type , -.Fn EC_GROUP_get_trinomial_basis , -and -.Fn EC_GROUP_get_pentanomial_basis -should only be called for curves defined over an F2^m field. -Addition and multiplication operations within an F2^m field are -performed using an irreducible polynomial function f(x). -This function is either a trinomial of the form: -.Pp -.Dl f(x) = x^m + x^k + 1 with m > k >= 1 -.Pp -or a pentanomial of the form: -.Pp -.Dl f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m > k3 > k2 > k1 >= 1 -.Pp -The function .Fn EC_GROUP_get_basis_type -returns a NID identifying whether a trinomial or pentanomial is in -use for the field. -The function -.Fn EC_GROUP_get_trinomial_basis -must only be called where f(x) is of the trinomial form, and returns -the value of -.Fa k . -Similarly, the function -.Fn EC_GROUP_get_pentanomial_basis -must only be called where f(x) is of the pentanomial form, and -returns the values of -.Fa k1 , -.Fa k2 , -and -.Fa k3 . +always returns 0 and is only provided for compatibility. .Sh RETURN VALUES The following functions return 1 on success or 0 on error: .Fn EC_GROUP_copy , .Fn EC_GROUP_set_generator , .Fn EC_GROUP_check , -.Fn EC_GROUP_check_discriminant , -.Fn EC_GROUP_get_trinomial_basis , and -.Fn EC_GROUP_get_pentanomial_basis . +.Fn EC_GROUP_check_discriminant . .Pp .Fn EC_GROUP_dup returns a pointer to the duplicated curve or @@ -516,14 +469,7 @@ returns 0 if the curves are equal, 1 if they are not equal, or -1 on error. .Pp .Fn EC_GROUP_get_basis_type -returns the values -.Dv NID_X9_62_tpBasis -or -.Dv NID_X9_62_ppBasis -as defined in -.In openssl/objects.h -for a trinomial or pentanomial, respectively. -Alternatively in the event of an error a 0 is returned. +always returns 0. .Sh SEE ALSO .Xr d2i_ECPKParameters 3 , .Xr EC_GFp_simple_method 3 , @@ -556,11 +502,9 @@ first appeared in OpenSSL 0.9.7 and have been available since .Fn EC_GROUP_check , .Fn EC_GROUP_check_discriminant , .Fn EC_GROUP_cmp , -.Fn EC_GROUP_get_basis_type , -.Fn EC_GROUP_get_trinomial_basis , and -.Fn EC_GROUP_get_pentanomial_basis -first appeared in OpenSSL 0.9.8 and has been available since +.Fn EC_GROUP_get_basis_type +first appeared in OpenSSL 0.9.8 and have been available since .Ox 4.5 . .Pp .Fn EC_GROUP_order_bits diff --git a/lib/libcrypto/objects/objects.h b/lib/libcrypto/objects/objects.h index 7fc11fa59..91e4eb0d1 100644 --- a/lib/libcrypto/objects/objects.h +++ b/lib/libcrypto/objects/objects.h @@ -1,4 +1,4 @@ -/* $OpenBSD: objects.h,v 1.21 2022/11/13 14:03:13 tb Exp $ */ +/* $OpenBSD: objects.h,v 1.22 2023/06/29 06:11:33 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -142,11 +142,6 @@ int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid); int OBJ_add_sigid(int signid, int dig_id, int pkey_id); void OBJ_sigid_free(void); -#if defined(LIBRESSL_CRYPTO_INTERNAL) -extern int obj_cleanup_defer; -void check_defer(int nid); -#endif - void ERR_load_OBJ_strings(void); /* Error codes for the OBJ functions. */ diff --git a/regress/usr.sbin/rpki-client/Makefile.inc b/regress/usr.sbin/rpki-client/Makefile.inc index be503b590..6915ddcc6 100644 --- a/regress/usr.sbin/rpki-client/Makefile.inc +++ b/regress/usr.sbin/rpki-client/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.33 2023/06/20 12:52:32 job Exp $ +# $OpenBSD: Makefile.inc,v 1.34 2023/06/29 10:29:18 tb Exp $ .PATH: ${.CURDIR}/../../../../usr.sbin/rpki-client @@ -25,7 +25,7 @@ DPADD+= ${LIBCRYPTO} ${LIBUTIL} CLEANFILES+= *.out *.err *.txt SRCS_test-ip += test-ip.c ip.c io.c encoding.c print.c x509.c \ - log.c validate.c as.c cert.c cms.c crl.c mft.c json.c + validate.c as.c cert.c cms.c crl.c mft.c json.c run-regress-test-ip: test-ip ./test-ip @@ -34,55 +34,55 @@ TALARGS += ta/apnic-rpki-root-iana-origin.cer tal/apnic.tal TALARGS += ta/ripe-ncc-ta.cer tal/ripe.tal SRCS_test-cert+= test-cert.c cert.c cms.c crl.c x509.c ip.c as.c io.c \ - log.c tal.c validate.c encoding.c print.c mft.c json.c + tal.c validate.c encoding.c print.c mft.c json.c run-regress-test-cert: test-cert ./test-cert -v ${.CURDIR}/../cer/*.cer ./test-cert -vt ${TALARGS:S,,${.CURDIR}/../&,} -SRCS_test-mft+= test-mft.c mft.c crl.c cms.c x509.c ip.c io.c log.c validate.c \ +SRCS_test-mft+= test-mft.c mft.c crl.c cms.c x509.c ip.c io.c validate.c \ encoding.c print.c json.c cert.c as.c run-regress-test-mft: test-mft ./test-mft -v ${.CURDIR}/../mft/*.mft -SRCS_test-roa+= test-roa.c roa.c cms.c x509.c ip.c as.c io.c log.c json.c \ +SRCS_test-roa+= test-roa.c roa.c cms.c x509.c ip.c as.c io.c json.c \ encoding.c print.c validate.c cert.c crl.c mft.c repo-dummy.c run-regress-test-roa: test-roa ./test-roa -v ${.CURDIR}/../roa/*.roa -SRCS_test-rsc+= test-rsc.c rsc.c cms.c x509.c ip.c as.c io.c log.c \ +SRCS_test-rsc+= test-rsc.c rsc.c cms.c x509.c ip.c as.c io.c \ encoding.c print.c validate.c cert.c crl.c mft.c json.c run-regress-test-rsc: test-rsc ./test-rsc -v ${.CURDIR}/../rsc/*.sig -SRCS_test-gbr+= test-gbr.c gbr.c cms.c crl.c x509.c ip.c io.c log.c \ +SRCS_test-gbr+= test-gbr.c gbr.c cms.c crl.c x509.c ip.c io.c \ encoding.c print.c validate.c as.c cert.c mft.c json.c run-regress-test-gbr: test-gbr ./test-gbr -v ${.CURDIR}/../gbr/*.gbr -SRCS_test-geofeed+= test-geofeed.c geofeed.c cms.c x509.c ip.c io.c log.c \ +SRCS_test-geofeed+= test-geofeed.c geofeed.c cms.c x509.c ip.c io.c \ encoding.c print.c validate.c as.c cert.c crl.c mft.c json.c run-regress-test-geofeed: test-geofeed ./test-geofeed -v ${.CURDIR}/../geofeed/*.csv -SRCS_test-tal+= test-tal.c tal.c ip.c io.c log.c validate.c cms.c \ +SRCS_test-tal+= test-tal.c tal.c ip.c io.c validate.c cms.c \ encoding.c print.c crl.c x509.c json.c cert.c as.c mft.c run-regress-test-tal: test-tal ./test-tal -v ${.CURDIR}/../tal/*.tal -SRCS_test-aspa+= test-aspa.c aspa.c cms.c x509.c ip.c as.c io.c log.c \ +SRCS_test-aspa+= test-aspa.c aspa.c cms.c x509.c ip.c as.c io.c \ encoding.c print.c validate.c cert.c crl.c mft.c repo-dummy.c \ json.c run-regress-test-aspa: test-aspa ./test-aspa -v ${.CURDIR}/../aspa/*.asa -SRCS_test-tak+= test-tak.c tak.c cms.c x509.c ip.c as.c io.c log.c \ +SRCS_test-tak+= test-tak.c tak.c cms.c x509.c ip.c as.c io.c \ encoding.c print.c validate.c cert.c crl.c mft.c json.c run-regress-test-tak: test-tak ./test-tak -v ${.CURDIR}/../tak/*.tak SRCS_test-rrdp+= test-rrdp.c rrdp_delta.c rrdp_notification.c cms.c \ rrdp_snapshot.c rrdp_util.c cert.c as.c mft.c io.c \ - log.c encoding.c ip.c validate.c crl.c x509.c + encoding.c ip.c validate.c crl.c x509.c LDADD_test-rrdp+= -lexpat ${LDADD} DPADD_test-rrdp+= ${LIBEXPAT} ${DPADD} run-regress-test-rrdp: test-rrdp diff --git a/sys/dev/pci/pcidevs b/sys/dev/pci/pcidevs index 62fb70b73..2cf293c3b 100644 --- a/sys/dev/pci/pcidevs +++ b/sys/dev/pci/pcidevs @@ -1,4 +1,4 @@ -$OpenBSD: pcidevs,v 1.2040 2023/06/27 15:30:25 stsp Exp $ +$OpenBSD: pcidevs,v 1.2041 2023/06/29 07:58:15 jsg Exp $ /* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */ /* @@ -5611,7 +5611,9 @@ product INTEL ADL_HX_HB_2 0x463b Core 12G Host product INTEL ADL_PCIE_1 0x463d Core 12G PCIE product INTEL ADL_TBT_DMA0 0x463e Core 12G TBT product INTEL ADL_TBT_PCIE1 0x463f Core 12G PCIE +product INTEL RPL_S_HB_1 0x4640 Core 13G Host product INTEL ADL_HP_HB_1 0x4641 Core 12G Host +product INTEL RPL_HX_HB_1 0x4647 Core 13G Host product INTEL ADL_S_HB_3 0x4648 Core 12G Host product INTEL ADL_H_HB_1 0x4649 Core 12G Host product INTEL ADL_S_PCIE_3 0x464d Core 12G PCIE @@ -5829,6 +5831,7 @@ product INTEL EP80579_LAN_5 0x5045 EP80579 LAN product INTEL EP80579_LAN_3 0x5048 EP80579 LAN product INTEL EP80579_LAN_6 0x5049 EP80579 LAN product INTEL 600SERIES_LP_ESPI 0x5182 600 Series eSPI +product INTEL 700SERIES_LP_ESPI 0x519d 700 Series eSPI product INTEL 600SERIES_LP_P2SB 0x51a0 600 Series P2SB product INTEL 600SERIES_LP_PMC 0x51a1 600 Series PMC product INTEL 600SERIES_LP_SMB 0x51a3 600 Series SMBus @@ -5854,6 +5857,7 @@ product INTEL 600SERIES_LP_I2C_0 0x51c5 600 Series I2C product INTEL 600SERIES_LP_I2C_1 0x51c6 600 Series I2C product INTEL 600SERIES_LP_UART_2 0x51c7 600 Series UART product INTEL 600SERIES_LP_HDA 0x51c8 600 Series HD Audio +product INTEL 700SERIES_LP_HDA 0x51ca 700 Series HD Audio product INTEL 600SERIES_LP_THC_0 0x51d0 600 Series THC product INTEL 600SERIES_LP_THC_1 0x51d1 600 Series THC product INTEL 600SERIES_LP_AHCI 0x51d3 600 Series AHCI @@ -6930,8 +6934,37 @@ product INTEL 400SERIES_V_PCIE_20 0xa3ea 400 Series PCIE product INTEL 400SERIES_V_PCIE_21 0xa3eb 400 Series PCIE product INTEL 400SERIES_V_PCIE_22 0xa3ec 400 Series PCIE product INTEL 400SERIES_V_PCIE_23 0xa3ed 400 Series PCIE +product INTEL RPL_S_HB_2 0xa700 Core 13G Host +product INTEL RPL_HX_HB_2 0xa702 Core 13G Host +product INTEL RPL_S_HB_3 0xa703 Core 13G Host +product INTEL RPL_S_HB_4 0xa704 Core 13G Host +product INTEL RPL_S_HB_5 0xa705 Core 13G Host +product INTEL RPL_H_HB_1 0xa706 Core 13G Host +product INTEL RPL_H_HB_2 0xa707 Core 13G Host +product INTEL RPL_U_HB_1 0xa708 Core 13G Host +product INTEL RPL_PCIE_1 0xa70d Core 13G PCIE +product INTEL RPL_H_HB_3 0xa716 Core 13G Host +product INTEL RPL_HX_HB_3 0xa719 Core 13G Host +product INTEL RPL_U_HB_2 0xa71b Core 13G Host +product INTEL RPL_U_HB_3 0xa71c Core 13G Host +product INTEL RPL_DTT 0xa71d Core 13G DTT +product INTEL RPL_XHCI 0xa71e Core 13G xHCI product INTEL RPL_P_GT_1 0xa720 Graphics product INTEL RPL_P_GT_2 0xa721 Graphics +product INTEL RPL_HX_HB_4 0xa728 Core 13G Host +product INTEL RPL_HX_HB_5 0xa729 Core 13G Host +product INTEL RPL_HX_HB_6 0xa72a Core 13G Host +product INTEL RPL_PCIE_2 0xa72d Core 13G PCIE +product INTEL RPL_TBT_PCIE2 0xa72f Core 13G PCIE +product INTEL RPL_TBT_DMA0 0xa73e Core 13G TBT +product INTEL RPL_PCIE_3 0xa74d Core 13G PCIE +product INTEL RPL_GNA 0xa74f Core 13G GNA +product INTEL RPL_IPU 0xa75d Core 13G IPU +product INTEL RPL_TBT_DMA1 0xa76d Core 13G TBT +product INTEL RPL_TBT_PCIE0 0xa76e Core 13G PCIE +product INTEL RPL_TH 0xa76f Core 13G TH +product INTEL RPL_CL 0xa77d Core 13G CL +product INTEL RPL_VMD 0xa77f Core 13G VMD product INTEL RPL_S_GT_1 0xa780 Graphics product INTEL RPL_S_GT_2 0xa781 Graphics product INTEL RPL_S_GT_3 0xa782 Graphics diff --git a/sys/dev/pci/pcidevs.h b/sys/dev/pci/pcidevs.h index 31843d0c0..3a14e5277 100644 --- a/sys/dev/pci/pcidevs.h +++ b/sys/dev/pci/pcidevs.h @@ -2,7 +2,7 @@ * THIS FILE AUTOMATICALLY GENERATED. DO NOT EDIT. * * generated from: - * OpenBSD: pcidevs,v 1.2040 2023/06/27 15:30:25 stsp Exp + * OpenBSD: pcidevs,v 1.2041 2023/06/29 07:58:15 jsg Exp */ /* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */ @@ -5616,7 +5616,9 @@ #define PCI_PRODUCT_INTEL_ADL_PCIE_1 0x463d /* Core 12G PCIE */ #define PCI_PRODUCT_INTEL_ADL_TBT_DMA0 0x463e /* Core 12G TBT */ #define PCI_PRODUCT_INTEL_ADL_TBT_PCIE1 0x463f /* Core 12G PCIE */ +#define PCI_PRODUCT_INTEL_RPL_S_HB_1 0x4640 /* Core 13G Host */ #define PCI_PRODUCT_INTEL_ADL_HP_HB_1 0x4641 /* Core 12G Host */ +#define PCI_PRODUCT_INTEL_RPL_HX_HB_1 0x4647 /* Core 13G Host */ #define PCI_PRODUCT_INTEL_ADL_S_HB_3 0x4648 /* Core 12G Host */ #define PCI_PRODUCT_INTEL_ADL_H_HB_1 0x4649 /* Core 12G Host */ #define PCI_PRODUCT_INTEL_ADL_S_PCIE_3 0x464d /* Core 12G PCIE */ @@ -5834,6 +5836,7 @@ #define PCI_PRODUCT_INTEL_EP80579_LAN_3 0x5048 /* EP80579 LAN */ #define PCI_PRODUCT_INTEL_EP80579_LAN_6 0x5049 /* EP80579 LAN */ #define PCI_PRODUCT_INTEL_600SERIES_LP_ESPI 0x5182 /* 600 Series eSPI */ +#define PCI_PRODUCT_INTEL_700SERIES_LP_ESPI 0x519d /* 700 Series eSPI */ #define PCI_PRODUCT_INTEL_600SERIES_LP_P2SB 0x51a0 /* 600 Series P2SB */ #define PCI_PRODUCT_INTEL_600SERIES_LP_PMC 0x51a1 /* 600 Series PMC */ #define PCI_PRODUCT_INTEL_600SERIES_LP_SMB 0x51a3 /* 600 Series SMBus */ @@ -5859,6 +5862,7 @@ #define PCI_PRODUCT_INTEL_600SERIES_LP_I2C_1 0x51c6 /* 600 Series I2C */ #define PCI_PRODUCT_INTEL_600SERIES_LP_UART_2 0x51c7 /* 600 Series UART */ #define PCI_PRODUCT_INTEL_600SERIES_LP_HDA 0x51c8 /* 600 Series HD Audio */ +#define PCI_PRODUCT_INTEL_700SERIES_LP_HDA 0x51ca /* 700 Series HD Audio */ #define PCI_PRODUCT_INTEL_600SERIES_LP_THC_0 0x51d0 /* 600 Series THC */ #define PCI_PRODUCT_INTEL_600SERIES_LP_THC_1 0x51d1 /* 600 Series THC */ #define PCI_PRODUCT_INTEL_600SERIES_LP_AHCI 0x51d3 /* 600 Series AHCI */ @@ -6935,8 +6939,37 @@ #define PCI_PRODUCT_INTEL_400SERIES_V_PCIE_21 0xa3eb /* 400 Series PCIE */ #define PCI_PRODUCT_INTEL_400SERIES_V_PCIE_22 0xa3ec /* 400 Series PCIE */ #define PCI_PRODUCT_INTEL_400SERIES_V_PCIE_23 0xa3ed /* 400 Series PCIE */ +#define PCI_PRODUCT_INTEL_RPL_S_HB_2 0xa700 /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_HX_HB_2 0xa702 /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_S_HB_3 0xa703 /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_S_HB_4 0xa704 /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_S_HB_5 0xa705 /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_H_HB_1 0xa706 /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_H_HB_2 0xa707 /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_U_HB_1 0xa708 /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_PCIE_1 0xa70d /* Core 13G PCIE */ +#define PCI_PRODUCT_INTEL_RPL_H_HB_3 0xa716 /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_HX_HB_3 0xa719 /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_U_HB_2 0xa71b /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_U_HB_3 0xa71c /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_DTT 0xa71d /* Core 13G DTT */ +#define PCI_PRODUCT_INTEL_RPL_XHCI 0xa71e /* Core 13G xHCI */ #define PCI_PRODUCT_INTEL_RPL_P_GT_1 0xa720 /* Graphics */ #define PCI_PRODUCT_INTEL_RPL_P_GT_2 0xa721 /* Graphics */ +#define PCI_PRODUCT_INTEL_RPL_HX_HB_4 0xa728 /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_HX_HB_5 0xa729 /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_HX_HB_6 0xa72a /* Core 13G Host */ +#define PCI_PRODUCT_INTEL_RPL_PCIE_2 0xa72d /* Core 13G PCIE */ +#define PCI_PRODUCT_INTEL_RPL_TBT_PCIE2 0xa72f /* Core 13G PCIE */ +#define PCI_PRODUCT_INTEL_RPL_TBT_DMA0 0xa73e /* Core 13G TBT */ +#define PCI_PRODUCT_INTEL_RPL_PCIE_3 0xa74d /* Core 13G PCIE */ +#define PCI_PRODUCT_INTEL_RPL_GNA 0xa74f /* Core 13G GNA */ +#define PCI_PRODUCT_INTEL_RPL_IPU 0xa75d /* Core 13G IPU */ +#define PCI_PRODUCT_INTEL_RPL_TBT_DMA1 0xa76d /* Core 13G TBT */ +#define PCI_PRODUCT_INTEL_RPL_TBT_PCIE0 0xa76e /* Core 13G PCIE */ +#define PCI_PRODUCT_INTEL_RPL_TH 0xa76f /* Core 13G TH */ +#define PCI_PRODUCT_INTEL_RPL_CL 0xa77d /* Core 13G CL */ +#define PCI_PRODUCT_INTEL_RPL_VMD 0xa77f /* Core 13G VMD */ #define PCI_PRODUCT_INTEL_RPL_S_GT_1 0xa780 /* Graphics */ #define PCI_PRODUCT_INTEL_RPL_S_GT_2 0xa781 /* Graphics */ #define PCI_PRODUCT_INTEL_RPL_S_GT_3 0xa782 /* Graphics */ diff --git a/sys/dev/pci/pcidevs_data.h b/sys/dev/pci/pcidevs_data.h index 265a5d6df..88740c36a 100644 --- a/sys/dev/pci/pcidevs_data.h +++ b/sys/dev/pci/pcidevs_data.h @@ -2,7 +2,7 @@ * THIS FILE AUTOMATICALLY GENERATED. DO NOT EDIT. * * generated from: - * OpenBSD: pcidevs,v 1.2040 2023/06/27 15:30:25 stsp Exp + * OpenBSD: pcidevs,v 1.2041 2023/06/29 07:58:15 jsg Exp */ /* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */ @@ -19819,10 +19819,18 @@ static const struct pci_known_product pci_known_products[] = { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_ADL_TBT_PCIE1, "Core 12G PCIE", }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_S_HB_1, + "Core 13G Host", + }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_ADL_HP_HB_1, "Core 12G Host", }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_HX_HB_1, + "Core 13G Host", + }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_ADL_S_HB_3, "Core 12G Host", @@ -20691,6 +20699,10 @@ static const struct pci_known_product pci_known_products[] = { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_600SERIES_LP_ESPI, "600 Series eSPI", }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_700SERIES_LP_ESPI, + "700 Series eSPI", + }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_600SERIES_LP_P2SB, "600 Series P2SB", @@ -20791,6 +20803,10 @@ static const struct pci_known_product pci_known_products[] = { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_600SERIES_LP_HDA, "600 Series HD Audio", }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_700SERIES_LP_HDA, + "700 Series HD Audio", + }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_600SERIES_LP_THC_0, "600 Series THC", @@ -25095,6 +25111,66 @@ static const struct pci_known_product pci_known_products[] = { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_400SERIES_V_PCIE_23, "400 Series PCIE", }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_S_HB_2, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_HX_HB_2, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_S_HB_3, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_S_HB_4, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_S_HB_5, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_H_HB_1, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_H_HB_2, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_U_HB_1, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_PCIE_1, + "Core 13G PCIE", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_H_HB_3, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_HX_HB_3, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_U_HB_2, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_U_HB_3, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_DTT, + "Core 13G DTT", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_XHCI, + "Core 13G xHCI", + }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_P_GT_1, "Graphics", @@ -25103,6 +25179,62 @@ static const struct pci_known_product pci_known_products[] = { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_P_GT_2, "Graphics", }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_HX_HB_4, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_HX_HB_5, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_HX_HB_6, + "Core 13G Host", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_PCIE_2, + "Core 13G PCIE", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_TBT_PCIE2, + "Core 13G PCIE", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_TBT_DMA0, + "Core 13G TBT", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_PCIE_3, + "Core 13G PCIE", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_GNA, + "Core 13G GNA", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_IPU, + "Core 13G IPU", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_TBT_DMA1, + "Core 13G TBT", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_TBT_PCIE0, + "Core 13G PCIE", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_TH, + "Core 13G TH", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_CL, + "Core 13G CL", + }, + { + PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_VMD, + "Core 13G VMD", + }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_RPL_S_GT_1, "Graphics", diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c index cfcb0c1e4..6ec6d273b 100644 --- a/sys/net/pf_ioctl.c +++ b/sys/net/pf_ioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_ioctl.c,v 1.409 2023/06/28 15:36:08 kn Exp $ */ +/* $OpenBSD: pf_ioctl.c,v 1.410 2023/06/28 21:33:35 sashan Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1506,11 +1506,15 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) int i; t = pf_find_trans(minor(dev), pr->ticket); - if (t == NULL) - return (ENXIO); + if (t == NULL) { + error = ENXIO; + goto fail; + } KASSERT(t->pft_unit == minor(dev)); - if (t->pft_type != PF_TRANS_GETRULE) - return (EINVAL); + if (t->pft_type != PF_TRANS_GETRULE) { + error = EINVAL; + goto fail; + } NET_LOCK(); PF_LOCK(); diff --git a/usr.bin/ftp/Makefile b/usr.bin/ftp/Makefile index 38480bfae..fcda3f80f 100644 --- a/usr.bin/ftp/Makefile +++ b/usr.bin/ftp/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.35 2021/02/16 16:27:34 naddy Exp $ +# $OpenBSD: Makefile,v 1.37 2023/06/28 17:36:51 op Exp $ # Define SMALL to disable command line editing and some other features, # NOSSL to disable https support. diff --git a/usr.bin/ftp/fetch.c b/usr.bin/ftp/fetch.c index eb4c872b7..02911b534 100644 --- a/usr.bin/ftp/fetch.c +++ b/usr.bin/ftp/fetch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: fetch.c,v 1.215 2023/06/28 11:07:28 op Exp $ */ +/* $OpenBSD: fetch.c,v 1.216 2023/06/28 17:35:06 op Exp $ */ /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */ /*- @@ -891,7 +891,6 @@ noslash: if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) { cp += sizeof(CONTENTLEN) - 1; cp += strspn(cp, " \t"); - cp[strcspn(cp, " \t")] = '\0'; filesize = strtonum(cp, 0, LLONG_MAX, &errstr); if (errstr != NULL) goto improper; @@ -964,10 +963,8 @@ noslash: #define RETRYAFTER "Retry-After:" } else if (isunavail && strncasecmp(cp, RETRYAFTER, sizeof(RETRYAFTER) - 1) == 0) { - size_t s; cp += sizeof(RETRYAFTER) - 1; cp += strspn(cp, " \t"); - cp[strcspn(cp, " \t")] = '\0'; retryafter = strtonum(cp, 0, 0, &errstr); if (errstr != NULL) retryafter = -1; @@ -976,7 +973,6 @@ noslash: sizeof(TRANSFER_ENCODING) - 1) == 0) { cp += sizeof(TRANSFER_ENCODING) - 1; cp += strspn(cp, " \t"); - cp[strcspn(cp, " \t")] = '\0'; if (strcasecmp(cp, "chunked") == 0) chunked = 1; #ifndef SMALL @@ -985,7 +981,6 @@ noslash: sizeof(LAST_MODIFIED) - 1) == 0) { cp += sizeof(LAST_MODIFIED) - 1; cp += strspn(cp, " \t"); - cp[strcspn(cp, "\t")] = '\0'; if (strptime(cp, "%a, %d %h %Y %T %Z", &lmt) == NULL) server_timestamps = 0; #endif /* !SMALL */ diff --git a/usr.sbin/relayd/pfe_route.c b/usr.sbin/relayd/pfe_route.c index b968a340e..4850aef9b 100644 --- a/usr.sbin/relayd/pfe_route.c +++ b/usr.sbin/relayd/pfe_route.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfe_route.c,v 1.12 2017/05/28 10:39:15 benno Exp $ */ +/* $OpenBSD: pfe_route.c,v 1.14 2023/06/29 16:24:53 claudio Exp $ */ /* * Copyright (c) 2009 - 2011 Reyk Floeter @@ -19,12 +19,14 @@ #include #include #include +#include #include #include #include #include +#include #include #include #include @@ -32,24 +34,6 @@ #include "relayd.h" -struct relay_rtmsg { - struct rt_msghdr rm_hdr; - union { - struct { - struct sockaddr_in rm_dst; - struct sockaddr_in rm_gateway; - struct sockaddr_in rm_netmask; - struct sockaddr_rtlabel rm_label; - } u4; - struct { - struct sockaddr_in6 rm_dst; - struct sockaddr_in6 rm_gateway; - struct sockaddr_in6 rm_netmask; - struct sockaddr_rtlabel rm_label; - } u6; - } rm_u; -}; - void init_routes(struct relayd *env) { @@ -103,110 +87,97 @@ sync_routes(struct relayd *env, struct router *rt) } } +static void +pfe_apply_prefixlen(struct sockaddr_storage *ss, int af, int len) +{ + int q, r, off; + uint8_t *b = (uint8_t *)ss; + + q = len >> 3; + r = len & 7; + + bzero(ss, sizeof(*ss)); + ss->ss_family = af; + switch (af) { + case AF_INET: + ss->ss_len = sizeof(struct sockaddr_in); + off = offsetof(struct sockaddr_in, sin_addr); + break; + case AF_INET6: + ss->ss_len = sizeof(struct sockaddr_in6); + off = offsetof(struct sockaddr_in6, sin6_addr); + break; + default: + fatal("%s: invalid address family", __func__); + } + if (q > 0) + memset(b + off, 0xff, q); + if (r > 0) + b[off + q] = (0xff00 >> r) & 0xff; +} + +#define ROUNDUP(a) \ + ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long)) + int pfe_route(struct relayd *env, struct ctl_netroute *crt) { - struct relay_rtmsg rm; - struct sockaddr_rtlabel sr; - struct sockaddr_storage *gw; - struct sockaddr_in *s4; - struct sockaddr_in6 *s6; - size_t len = 0; + struct iovec iov[5]; + struct rt_msghdr hdr; + struct sockaddr_storage dst, gw, mask, label; + struct sockaddr_rtlabel *sr = (struct sockaddr_rtlabel *)&label; + int iovcnt = 0; char *gwname; - int i = 0; - gw = &crt->host.ss; + bzero(&hdr, sizeof(hdr)); + hdr.rtm_msglen = sizeof(hdr); + hdr.rtm_version = RTM_VERSION; + hdr.rtm_type = HOST_ISUP(crt->up) ? RTM_ADD : RTM_DELETE; + hdr.rtm_flags = RTF_STATIC | RTF_GATEWAY | RTF_MPATH; + hdr.rtm_seq = env->sc_rtseq++; + hdr.rtm_addrs = RTA_DST | RTA_GATEWAY | RTA_NETMASK; + hdr.rtm_tableid = crt->rt.rtable; + hdr.rtm_priority = crt->host.priority; + + iov[iovcnt].iov_base = &hdr; + iov[iovcnt++].iov_len = sizeof(hdr); + + dst = crt->nr.ss; + gw = crt->host.ss; gwname = crt->host.name; + pfe_apply_prefixlen(&mask, dst.ss_family, crt->nr.prefixlen); - bzero(&rm, sizeof(rm)); - bzero(&sr, sizeof(sr)); + iov[iovcnt].iov_base = &dst; + iov[iovcnt++].iov_len = ROUNDUP(dst.ss_len); + hdr.rtm_msglen += ROUNDUP(dst.ss_len); - rm.rm_hdr.rtm_msglen = len; - rm.rm_hdr.rtm_version = RTM_VERSION; - rm.rm_hdr.rtm_type = HOST_ISUP(crt->up) ? RTM_ADD : RTM_DELETE; - rm.rm_hdr.rtm_flags = RTF_STATIC | RTF_GATEWAY | RTF_MPATH; - rm.rm_hdr.rtm_seq = env->sc_rtseq++; - rm.rm_hdr.rtm_addrs = RTA_DST | RTA_GATEWAY; - rm.rm_hdr.rtm_tableid = crt->rt.rtable; - rm.rm_hdr.rtm_priority = crt->host.priority; + iov[iovcnt].iov_base = &gw; + iov[iovcnt++].iov_len = ROUNDUP(gw.ss_len); + hdr.rtm_msglen += ROUNDUP(gw.ss_len); + + iov[iovcnt].iov_base = &mask; + iov[iovcnt++].iov_len = ROUNDUP(mask.ss_len); + hdr.rtm_msglen += ROUNDUP(mask.ss_len); if (strlen(crt->rt.label)) { - rm.rm_hdr.rtm_addrs |= RTA_LABEL; - sr.sr_len = sizeof(sr); - if (snprintf(sr.sr_label, sizeof(sr.sr_label), - "%s", crt->rt.label) == -1) - goto bad; + sr->sr_len = sizeof(*sr); + strlcpy(sr->sr_label, crt->rt.label, sizeof(sr->sr_label)); + + iov[iovcnt].iov_base = &label; + iov[iovcnt++].iov_len = ROUNDUP(label.ss_len); + hdr.rtm_msglen += ROUNDUP(label.ss_len); + hdr.rtm_addrs |= RTA_LABEL; } - if (crt->nr.ss.ss_family == AF_INET) { - rm.rm_hdr.rtm_msglen = len = - sizeof(rm.rm_hdr) + sizeof(rm.rm_u.u4); - - bcopy(&sr, &rm.rm_u.u4.rm_label, sizeof(sr)); - - s4 = &rm.rm_u.u4.rm_dst; - s4->sin_family = AF_INET; - s4->sin_len = sizeof(rm.rm_u.u4.rm_dst); - s4->sin_addr.s_addr = - ((struct sockaddr_in *)&crt->nr.ss)->sin_addr.s_addr; - - s4 = &rm.rm_u.u4.rm_gateway; - s4->sin_family = AF_INET; - s4->sin_len = sizeof(rm.rm_u.u4.rm_gateway); - s4->sin_addr.s_addr = - ((struct sockaddr_in *)gw)->sin_addr.s_addr; - - rm.rm_hdr.rtm_addrs |= RTA_NETMASK; - s4 = &rm.rm_u.u4.rm_netmask; - s4->sin_family = AF_INET; - s4->sin_len = sizeof(rm.rm_u.u4.rm_netmask); - if (crt->nr.prefixlen) - s4->sin_addr.s_addr = - htonl(0xffffffff << (32 - crt->nr.prefixlen)); - else if (crt->nr.prefixlen < 0) - rm.rm_hdr.rtm_flags |= RTF_HOST; - } else if (crt->nr.ss.ss_family == AF_INET6) { - rm.rm_hdr.rtm_msglen = len = - sizeof(rm.rm_hdr) + sizeof(rm.rm_u.u6); - - bcopy(&sr, &rm.rm_u.u6.rm_label, sizeof(sr)); - - s6 = &rm.rm_u.u6.rm_dst; - bcopy(((struct sockaddr_in6 *)&crt->nr.ss), - s6, sizeof(*s6)); - s6->sin6_family = AF_INET6; - s6->sin6_len = sizeof(*s6); - - s6 = &rm.rm_u.u6.rm_gateway; - bcopy(((struct sockaddr_in6 *)gw), s6, sizeof(*s6)); - s6->sin6_family = AF_INET6; - s6->sin6_len = sizeof(*s6); - - rm.rm_hdr.rtm_addrs |= RTA_NETMASK; - s6 = &rm.rm_u.u6.rm_netmask; - s6->sin6_family = AF_INET6; - s6->sin6_len = sizeof(*s6); - if (crt->nr.prefixlen) { - for (i = 0; i < crt->nr.prefixlen / 8; i++) - s6->sin6_addr.s6_addr[i] = 0xff; - i = crt->nr.prefixlen % 8; - if (i) - s6->sin6_addr.s6_addr[crt->nr.prefixlen - / 8] = 0xff00 >> i; - } else if (crt->nr.prefixlen < 0) - rm.rm_hdr.rtm_flags |= RTF_HOST; - } else - fatal("%s: invalid address family", __func__); - retry: - if (write(env->sc_rtsock, &rm, len) == -1) { + if (writev(env->sc_rtsock, iov, iovcnt) == -1) { switch (errno) { case EEXIST: case ESRCH: - if (rm.rm_hdr.rtm_type == RTM_ADD) { - rm.rm_hdr.rtm_type = RTM_CHANGE; + if (hdr.rtm_type == RTM_ADD) { + hdr.rtm_type = RTM_CHANGE; goto retry; - } else if (rm.rm_hdr.rtm_type == RTM_DELETE) { + } else if (hdr.rtm_type == RTM_DELETE) { /* Ignore */ break; } diff --git a/usr.sbin/rpki-client/Makefile b/usr.sbin/rpki-client/Makefile index 1b5b3308e..660d4533c 100644 --- a/usr.sbin/rpki-client/Makefile +++ b/usr.sbin/rpki-client/Makefile @@ -1,8 +1,8 @@ -# $OpenBSD: Makefile,v 1.31 2023/06/12 14:56:38 claudio Exp $ +# $OpenBSD: Makefile,v 1.32 2023/06/29 10:28:25 tb Exp $ PROG= rpki-client SRCS= as.c aspa.c cert.c cms.c crl.c encoding.c filemode.c gbr.c geofeed.c \ - http.c io.c ip.c json.c log.c main.c mft.c mkdir.c ometric.c output.c \ + http.c io.c ip.c json.c main.c mft.c mkdir.c ometric.c output.c \ output-bgpd.c output-bird.c output-csv.c output-json.c \ output-ometric.c parser.c print.c repo.c roa.c rrdp.c rrdp_delta.c \ rrdp_notification.c rrdp_snapshot.c rrdp_util.c rsc.c rsync.c tak.c \ diff --git a/usr.sbin/rpki-client/aspa.c b/usr.sbin/rpki-client/aspa.c index 35c8ffa51..ead8cc9c5 100644 --- a/usr.sbin/rpki-client/aspa.c +++ b/usr.sbin/rpki-client/aspa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: aspa.c,v 1.20 2023/06/28 17:24:20 tb Exp $ */ +/* $OpenBSD: aspa.c,v 1.21 2023/06/29 14:33:35 tb Exp $ */ /* * Copyright (c) 2022 Job Snijders * Copyright (c) 2022 Theo Buehler @@ -369,7 +369,7 @@ aspa_insert_vaps(struct vap_tree *tree, struct aspa *aspa, struct repo *rp) aspa->providers[i] < v->providers[j]) { /* merge provider from aspa into v */ repo_stat_inc(rp, v->talid, RTYPE_ASPA, - STYPE_BOTH + aspa->providers[i]); + STYPE_PROVIDERS); insert_vap(v, j, &aspa->providers[i]); i++; } else if (aspa->providers[i] == v->providers[j]) diff --git a/usr.sbin/rpki-client/cert.c b/usr.sbin/rpki-client/cert.c index 508e48a3e..c1b12b10c 100644 --- a/usr.sbin/rpki-client/cert.c +++ b/usr.sbin/rpki-client/cert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cert.c,v 1.113 2023/06/24 04:15:14 tb Exp $ */ +/* $OpenBSD: cert.c,v 1.114 2023/06/29 10:28:25 tb Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2021 Job Snijders @@ -167,13 +167,13 @@ sbgp_assysnum(struct parse *p, X509_EXTENSION *ext) int i, rc = 0; if (!X509_EXTENSION_get_critical(ext)) { - cryptowarnx("%s: RFC 6487 section 4.8.11: autonomousSysNum: " + warnx("%s: RFC 6487 section 4.8.11: autonomousSysNum: " "extension not critical", p->fn); goto out; } if ((asidentifiers = X509V3_EXT_d2i(ext)) == NULL) { - cryptowarnx("%s: RFC 6487 section 4.8.11: autonomousSysNum: " + warnx("%s: RFC 6487 section 4.8.11: autonomousSysNum: " "failed extension parse", p->fn); goto out; } @@ -348,13 +348,13 @@ sbgp_ipaddrblk(struct parse *p, X509_EXTENSION *ext) int i, j, rc = 0; if (!X509_EXTENSION_get_critical(ext)) { - cryptowarnx("%s: RFC 6487 section 4.8.10: sbgp-ipAddrBlock: " + warnx("%s: RFC 6487 section 4.8.10: sbgp-ipAddrBlock: " "extension not critical", p->fn); goto out; } if ((addrblk = X509V3_EXT_d2i(ext)) == NULL) { - cryptowarnx("%s: RFC 6487 section 4.8.10: sbgp-ipAddrBlock: " + warnx("%s: RFC 6487 section 4.8.10: sbgp-ipAddrBlock: " "failed extension parse", p->fn); goto out; } @@ -453,8 +453,8 @@ sbgp_sia(struct parse *p, X509_EXTENSION *ext) } if ((sia = X509V3_EXT_d2i(ext)) == NULL) { - cryptowarnx("%s: RFC 6487 section 4.8.8: SIA: " - "failed extension parse", p->fn); + warnx("%s: RFC 6487 section 4.8.8: SIA: failed extension parse", + p->fn); goto out; } @@ -530,13 +530,13 @@ certificate_policies(struct parse *p, X509_EXTENSION *ext) int rc = 0; if (!X509_EXTENSION_get_critical(ext)) { - cryptowarnx("%s: RFC 6487 section 4.8.9: certificatePolicies: " + warnx("%s: RFC 6487 section 4.8.9: certificatePolicies: " "extension not critical", p->fn); goto out; } if ((policies = X509V3_EXT_d2i(ext)) == NULL) { - cryptowarnx("%s: RFC 6487 section 4.8.9: certificatePolicies: " + warnx("%s: RFC 6487 section 4.8.9: certificatePolicies: " "failed extension parse", p->fn); goto out; } @@ -641,7 +641,7 @@ cert_parse_ee_cert(const char *fn, X509 *x) } if (!X509_up_ref(x)) { - cryptowarnx("%s: X509_up_ref failed", fn); + warnx("%s: X509_up_ref failed", fn); goto out; } @@ -688,7 +688,7 @@ cert_parse_pre(const char *fn, const unsigned char *der, size_t len) oder = der; if ((x = d2i_X509(NULL, &der, len)) == NULL) { - cryptowarnx("%s: d2i_X509", p.fn); + warnx("%s: d2i_X509", p.fn); goto out; } if (der != oder + len) { @@ -698,7 +698,7 @@ cert_parse_pre(const char *fn, const unsigned char *der, size_t len) /* Cache X509v3 extensions, see X509_check_ca(3). */ if (X509_check_purpose(x, -1, -1) <= 0) { - cryptowarnx("%s: could not cache X509v3 extensions", p.fn); + warnx("%s: could not cache X509v3 extensions", p.fn); goto out; } @@ -709,7 +709,7 @@ cert_parse_pre(const char *fn, const unsigned char *der, size_t len) X509_get0_signature(NULL, &palg, x); if (palg == NULL) { - cryptowarnx("%s: X509_get0_signature", p.fn); + warnx("%s: X509_get0_signature", p.fn); goto out; } X509_ALGOR_get0(&cobj, NULL, NULL, palg); @@ -730,7 +730,7 @@ cert_parse_pre(const char *fn, const unsigned char *der, size_t len) /* Look for X509v3 extensions. */ if ((extsz = X509_get_ext_count(x)) < 0) - cryptoerrx("X509_get_ext_count"); + errx(1, "X509_get_ext_count"); for (i = 0; i < (size_t)extsz; i++) { ext = X509_get_ext(x, i); @@ -941,15 +941,15 @@ ta_parse(const char *fn, struct cert *p, const unsigned char *pkey, /* first check pubkey against the one from the TAL */ pk = d2i_PUBKEY(NULL, &pkey, pkeysz); if (pk == NULL) { - cryptowarnx("%s: RFC 6487 (trust anchor): bad TAL pubkey", fn); + warnx("%s: RFC 6487 (trust anchor): bad TAL pubkey", fn); goto badcert; } if ((opk = X509_get0_pubkey(p->x509)) == NULL) { - cryptowarnx("%s: RFC 6487 (trust anchor): missing pubkey", fn); + warnx("%s: RFC 6487 (trust anchor): missing pubkey", fn); goto badcert; } if (EVP_PKEY_cmp(pk, opk) != 1) { - cryptowarnx("%s: RFC 6487 (trust anchor): " + warnx("%s: RFC 6487 (trust anchor): " "pubkey does not match TAL pubkey", fn); goto badcert; } diff --git a/usr.sbin/rpki-client/cms.c b/usr.sbin/rpki-client/cms.c index 1d31beb09..43d0537fa 100644 --- a/usr.sbin/rpki-client/cms.c +++ b/usr.sbin/rpki-client/cms.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cms.c,v 1.37 2023/06/20 02:46:18 job Exp $ */ +/* $OpenBSD: cms.c,v 1.38 2023/06/29 10:28:25 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * @@ -123,7 +123,7 @@ cms_parse_validate_internal(X509 **xp, const char *fn, const unsigned char *der, oder = der; if ((cms = d2i_CMS_ContentInfo(NULL, &der, len)) == NULL) { - cryptowarnx("%s: RFC 6488: failed CMS parse", fn); + warnx("%s: RFC 6488: failed CMS parse", fn); goto out; } if (der != oder + len) { @@ -137,7 +137,7 @@ cms_parse_validate_internal(X509 **xp, const char *fn, const unsigned char *der, */ if (!CMS_verify(cms, NULL, NULL, bio, NULL, CMS_NO_SIGNER_CERT_VERIFY)) { - cryptowarnx("%s: CMS verification error", fn); + warnx("%s: CMS verification error", fn); goto out; } @@ -156,14 +156,14 @@ cms_parse_validate_internal(X509 **xp, const char *fn, const unsigned char *der, goto out; } if (sk_CMS_SignerInfo_num(sinfos) != 1) { - cryptowarnx("%s: RFC 6488: CMS has multiple signerInfos", fn); + warnx("%s: RFC 6488: CMS has multiple signerInfos", fn); goto out; } si = sk_CMS_SignerInfo_value(sinfos, 0); nattrs = CMS_signed_get_attr_count(si); if (nattrs <= 0) { - cryptowarnx("%s: RFC 6488: error extracting signedAttrs", fn); + warnx("%s: RFC 6488: error extracting signedAttrs", fn); goto out; } for (i = 0; i < nattrs; i++) { @@ -171,31 +171,31 @@ cms_parse_validate_internal(X509 **xp, const char *fn, const unsigned char *der, attr = CMS_signed_get_attr(si, i); if (attr == NULL || X509_ATTRIBUTE_count(attr) != 1) { - cryptowarnx("%s: RFC 6488: " - "bad signed attribute encoding", fn); + warnx("%s: RFC 6488: bad signed attribute encoding", + fn); goto out; } obj = X509_ATTRIBUTE_get0_object(attr); if (obj == NULL) { - cryptowarnx("%s: RFC 6488: bad signed attribute", fn); + warnx("%s: RFC 6488: bad signed attribute", fn); goto out; } if (OBJ_cmp(obj, cnt_type_oid) == 0) { if (has_ct++ != 0) { - cryptowarnx("%s: RFC 6488: duplicate " + warnx("%s: RFC 6488: duplicate " "signed attribute", fn); goto out; } } else if (OBJ_cmp(obj, msg_dgst_oid) == 0) { if (has_md++ != 0) { - cryptowarnx("%s: RFC 6488: duplicate " + warnx("%s: RFC 6488: duplicate " "signed attribute", fn); goto out; } } else if (OBJ_cmp(obj, sign_time_oid) == 0) { if (has_st++ != 0) { - cryptowarnx("%s: RFC 6488: duplicate " + warnx("%s: RFC 6488: duplicate " "signed attribute", fn); goto out; } @@ -203,13 +203,13 @@ cms_parse_validate_internal(X509 **xp, const char *fn, const unsigned char *der, goto out; } else if (OBJ_cmp(obj, bin_sign_time_oid) == 0) { if (has_bst++ != 0) { - cryptowarnx("%s: RFC 6488: duplicate " + warnx("%s: RFC 6488: duplicate " "signed attribute", fn); goto out; } } else { OBJ_obj2txt(buf, sizeof(buf), obj, 1); - cryptowarnx("%s: RFC 6488: " + warnx("%s: RFC 6488: " "CMS has unexpected signed attribute %s", fn, buf); goto out; @@ -217,7 +217,7 @@ cms_parse_validate_internal(X509 **xp, const char *fn, const unsigned char *der, } if (!has_ct || !has_md) { - cryptowarnx("%s: RFC 6488: CMS missing required " + warnx("%s: RFC 6488: CMS missing required " "signed attribute", fn); goto out; } @@ -229,7 +229,7 @@ cms_parse_validate_internal(X509 **xp, const char *fn, const unsigned char *der, warnx("%s: missing CMS signing-time attribute", fn); if (CMS_unsigned_get_attr_count(si) != -1) { - cryptowarnx("%s: RFC 6488: CMS has unsignedAttrs", fn); + warnx("%s: RFC 6488: CMS has unsignedAttrs", fn); goto out; } @@ -288,7 +288,7 @@ cms_parse_validate_internal(X509 **xp, const char *fn, const unsigned char *der, crls = CMS_get1_crls(cms); if (crls != NULL) { sk_X509_CRL_pop_free(crls, X509_CRL_free); - cryptowarnx("%s: RFC 6488: CMS has CRLs", fn); + warnx("%s: RFC 6488: CMS has CRLs", fn); goto out; } @@ -312,7 +312,7 @@ cms_parse_validate_internal(X509 **xp, const char *fn, const unsigned char *der, /* Cache X509v3 extensions, see X509_check_ca(3). */ if (X509_check_purpose(*xp, -1, -1) <= 0) { - cryptowarnx("%s: could not cache X509v3 extensions", fn); + warnx("%s: could not cache X509v3 extensions", fn); goto out; } diff --git a/usr.sbin/rpki-client/crl.c b/usr.sbin/rpki-client/crl.c index bf9b19a62..ac20c055c 100644 --- a/usr.sbin/rpki-client/crl.c +++ b/usr.sbin/rpki-client/crl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crl.c,v 1.26 2023/06/20 12:48:32 job Exp $ */ +/* $OpenBSD: crl.c,v 1.27 2023/06/29 10:28:25 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * @@ -43,7 +43,7 @@ crl_parse(const char *fn, const unsigned char *der, size_t len) oder = der; if ((crl->x509_crl = d2i_X509_CRL(NULL, &der, len)) == NULL) { - cryptowarnx("%s: d2i_X509_CRL", fn); + warnx("%s: d2i_X509_CRL", fn); goto out; } if (der != oder + len) { @@ -58,7 +58,7 @@ crl_parse(const char *fn, const unsigned char *der, size_t len) X509_CRL_get0_signature(crl->x509_crl, NULL, &palg); if (palg == NULL) { - cryptowarnx("%s: X509_CRL_get0_signature", fn); + warnx("%s: X509_CRL_get0_signature", fn); goto out; } X509_ALGOR_get0(&cobj, NULL, NULL, palg); diff --git a/usr.sbin/rpki-client/extern.h b/usr.sbin/rpki-client/extern.h index 142442c37..e41baff2f 100644 --- a/usr.sbin/rpki-client/extern.h +++ b/usr.sbin/rpki-client/extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: extern.h,v 1.186 2023/06/26 18:39:53 job Exp $ */ +/* $OpenBSD: extern.h,v 1.188 2023/06/29 14:33:35 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * @@ -530,9 +530,7 @@ enum stype { STYPE_TOTAL, STYPE_UNIQUE, STYPE_DEC_UNIQUE, - STYPE_BOTH, - STYPE_ONLY_IPV4, - STYPE_ONLY_IPV6, + STYPE_PROVIDERS, }; struct repo; @@ -562,8 +560,6 @@ struct repotalstats { uint32_t vaps; /* total number of Validated ASPA Payloads */ uint32_t vaps_uniqs; /* total number of unique VAPs */ uint32_t vaps_pas; /* total number of providers */ - uint32_t vaps_pas4; /* total number of IPv4 only providers */ - uint32_t vaps_pas6; /* total number of IPv6 only providers */ uint32_t vrps; /* total number of Validated ROA Payloads */ uint32_t vrps_uniqs; /* number of unique vrps */ }; @@ -799,14 +795,6 @@ void rrdp_fetch(unsigned int, const char *, const char *, void rrdp_abort(unsigned int); void rrdp_http_done(unsigned int, enum http_result, const char *); -/* Logging (though really used for OpenSSL errors). */ - -void cryptowarnx(const char *, ...) - __attribute__((format(printf, 1, 2))); -void cryptoerrx(const char *, ...) - __attribute__((format(printf, 1, 2))) - __attribute__((noreturn)); - /* Encoding functions for hex and base64. */ unsigned char *load_file(const char *, size_t *); diff --git a/usr.sbin/rpki-client/filemode.c b/usr.sbin/rpki-client/filemode.c index 6a0cbecbd..967f6816e 100644 --- a/usr.sbin/rpki-client/filemode.c +++ b/usr.sbin/rpki-client/filemode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: filemode.c,v 1.33 2023/05/30 16:02:28 job Exp $ */ +/* $OpenBSD: filemode.c,v 1.34 2023/06/29 10:28:25 tb Exp $ */ /* * Copyright (c) 2019 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -650,7 +650,7 @@ proc_filemode(int fd) x509_init_oid(); if ((ctx = X509_STORE_CTX_new()) == NULL) - cryptoerrx("X509_STORE_CTX_new"); + err(1, "X509_STORE_CTX_new"); TAILQ_INIT(&q); msgbuf_init(&msgq); diff --git a/usr.sbin/rpki-client/http.c b/usr.sbin/rpki-client/http.c index 4544eac23..c460c2056 100644 --- a/usr.sbin/rpki-client/http.c +++ b/usr.sbin/rpki-client/http.c @@ -1,4 +1,4 @@ -/* $OpenBSD: http.c,v 1.77 2023/06/20 15:15:14 claudio Exp $ */ +/* $OpenBSD: http.c,v 1.78 2023/06/28 17:36:09 op Exp $ */ /* * Copyright (c) 2020 Nils Fisher * Copyright (c) 2020 Claudio Jeker @@ -1369,7 +1369,6 @@ http_parse_header(struct http_connection *conn, char *buf) else if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) { cp += sizeof(CONTENTLEN) - 1; cp += strspn(cp, " \t"); - cp[strcspn(cp, " \t")] = '\0'; conn->iosz = strtonum(cp, 0, MAX_CONTENTLEN, &errstr); if (errstr != NULL) { warnx("Content-Length of %s is %s", @@ -1422,14 +1421,12 @@ http_parse_header(struct http_connection *conn, char *buf) sizeof(TRANSFER_ENCODING) - 1) == 0) { cp += sizeof(TRANSFER_ENCODING) - 1; cp += strspn(cp, " \t"); - cp[strcspn(cp, " \t")] = '\0'; if (strcasecmp(cp, "chunked") == 0) conn->chunked = 1; } else if (strncasecmp(cp, CONTENT_ENCODING, sizeof(CONTENT_ENCODING) - 1) == 0) { cp += sizeof(CONTENT_ENCODING) - 1; cp += strspn(cp, " \t"); - cp[strcspn(cp, " \t")] = '\0'; if (strcasecmp(cp, "gzip") == 0 || strcasecmp(cp, "deflate") == 0) { if (http_inflate_new(conn) == -1) @@ -1439,7 +1436,6 @@ http_parse_header(struct http_connection *conn, char *buf) } else if (strncasecmp(cp, CONNECTION, sizeof(CONNECTION) - 1) == 0) { cp += sizeof(CONNECTION) - 1; cp += strspn(cp, " \t"); - cp[strcspn(cp, " \t")] = '\0'; if (strcasecmp(cp, "close") == 0) conn->keep_alive = 0; else if (strcasecmp(cp, "keep-alive") == 0) diff --git a/usr.sbin/rpki-client/log.c b/usr.sbin/rpki-client/log.c deleted file mode 100644 index 662bd4678..000000000 --- a/usr.sbin/rpki-client/log.c +++ /dev/null @@ -1,74 +0,0 @@ -/* $OpenBSD: log.c,v 1.6 2020/09/12 15:46:48 claudio Exp $ */ -/* - * Copyright (c) 2019 Kristaps Dzonsons - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include -#include -#include - -#include - -#include "extern.h" - -/* - * Print the chain of openssl errors that led to the current one. - * This should only be invoked in the event that OpenSSL fails with - * something. - * It's followed by the (optional) given error message, then terminates. - */ -void -cryptoerrx(const char *fmt, ...) -{ - unsigned long er; - char buf[BUFSIZ]; - va_list ap; - - while ((er = ERR_get_error()) > 0) { - ERR_error_string_n(er, buf, sizeof(buf)); - warnx(" ...trace: %s", buf); - } - - if (fmt != NULL) { - va_start(ap, fmt); - vwarnx(fmt, ap); - va_end(ap); - } - - exit(1); -} - -/* - * Like cryptoerrx(), but without exiting. - */ -void -cryptowarnx(const char *fmt, ...) -{ - unsigned long er; - char buf[BUFSIZ]; - va_list ap; - - while ((er = ERR_get_error()) > 0) { - ERR_error_string_n(er, buf, sizeof(buf)); - warnx(" ...trace: %s", buf); - } - - if (fmt != NULL) { - va_start(ap, fmt); - vwarnx(fmt, ap); - va_end(ap); - } -} diff --git a/usr.sbin/rpki-client/main.c b/usr.sbin/rpki-client/main.c index 771b8cfc7..e70866631 100644 --- a/usr.sbin/rpki-client/main.c +++ b/usr.sbin/rpki-client/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.243 2023/06/23 11:36:24 claudio Exp $ */ +/* $OpenBSD: main.c,v 1.244 2023/06/29 14:33:35 tb Exp $ */ /* * Copyright (c) 2021 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -750,8 +750,6 @@ sum_stats(const struct repo *rp, const struct repotalstats *in, void *arg) out->vaps += in->vaps; out->vaps_uniqs += in->vaps_uniqs; out->vaps_pas += in->vaps_pas; - out->vaps_pas4 += in->vaps_pas4; - out->vaps_pas6 += in->vaps_pas6; } static void diff --git a/usr.sbin/rpki-client/mft.c b/usr.sbin/rpki-client/mft.c index 2f4761e02..43e769f70 100644 --- a/usr.sbin/rpki-client/mft.c +++ b/usr.sbin/rpki-client/mft.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mft.c,v 1.95 2023/06/20 12:39:50 job Exp $ */ +/* $OpenBSD: mft.c,v 1.96 2023/06/29 10:28:25 tb Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2019 Kristaps Dzonsons @@ -281,7 +281,7 @@ mft_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p) int i, rc = 0; if ((mft = d2i_Manifest(NULL, &d, dsz)) == NULL) { - cryptowarnx("%s: RFC 6486 section 4: failed to parse Manifest", + warnx("%s: RFC 6486 section 4: failed to parse Manifest", p->fn); goto out; } diff --git a/usr.sbin/rpki-client/output-ometric.c b/usr.sbin/rpki-client/output-ometric.c index 53ab900d7..350cf0294 100644 --- a/usr.sbin/rpki-client/output-ometric.c +++ b/usr.sbin/rpki-client/output-ometric.c @@ -1,4 +1,4 @@ -/* $OpenBSD: output-ometric.c,v 1.4 2023/06/05 14:19:13 claudio Exp $ */ +/* $OpenBSD: output-ometric.c,v 1.5 2023/06/29 14:33:35 tb Exp $ */ /* * Copyright (c) 2022 Claudio Jeker * @@ -83,11 +83,7 @@ set_common_stats(const struct repotalstats *in, struct ometric *metric, ometric_set_int_with_labels(metric, in->vaps_uniqs, OKV("type", "state"), OKV("vap", "unique"), ol); ometric_set_int_with_labels(metric, in->vaps_pas, - OKV("type", "state"), OKV("vap providers", "both"), ol); - ometric_set_int_with_labels(metric, in->vaps_pas4, - OKV("type", "state"), OKV("vap providers", "IPv4 only"), ol); - ometric_set_int_with_labels(metric, in->vaps_pas6, - OKV("type", "state"), OKV("vap providers", "IPv6 only"), ol); + OKV("type", "state"), OKV("vap providers", "total"), ol); } static void diff --git a/usr.sbin/rpki-client/parser.c b/usr.sbin/rpki-client/parser.c index 107375fc2..9084c2fc7 100644 --- a/usr.sbin/rpki-client/parser.c +++ b/usr.sbin/rpki-client/parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.c,v 1.96 2023/05/30 16:02:28 job Exp $ */ +/* $OpenBSD: parser.c,v 1.97 2023/06/29 10:28:25 tb Exp $ */ /* * Copyright (c) 2019 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -815,7 +815,7 @@ proc_parser(int fd) x509_init_oid(); if ((ctx = X509_STORE_CTX_new()) == NULL) - cryptoerrx("X509_STORE_CTX_new"); + err(1, "X509_STORE_CTX_new"); TAILQ_INIT(&q); diff --git a/usr.sbin/rpki-client/print.c b/usr.sbin/rpki-client/print.c index 5221d29d2..f3904ea7b 100644 --- a/usr.sbin/rpki-client/print.c +++ b/usr.sbin/rpki-client/print.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print.c,v 1.41 2023/06/26 18:39:53 job Exp $ */ +/* $OpenBSD: print.c,v 1.42 2023/06/29 10:22:37 job Exp $ */ /* * Copyright (c) 2021 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -612,19 +612,6 @@ rsc_print(const X509 *x, const struct rsc *p) json_do_end(); } -static void -aspa_provider(uint32_t as) -{ - if (outformats & FORMAT_JSON) { - json_do_object("aspa", 1); - json_do_uint("asid", as); - json_do_end(); - } else { - printf("AS: %u", as); - printf("\n"); - } -} - void aspa_print(const X509 *x, const struct aspa *p) { @@ -662,9 +649,13 @@ aspa_print(const X509 *x, const struct aspa *p) } for (i = 0; i < p->providersz; i++) { - if ((outformats & FORMAT_JSON) == 0 && i > 0) - printf("%26s", ""); - aspa_provider(p->providers[i]); + if (outformats & FORMAT_JSON) + json_do_uint("asid", p->providers[i]); + else { + if (i > 0) + printf("%26s", ""); + printf("AS: %u\n", p->providers[i]); + } } if (outformats & FORMAT_JSON) diff --git a/usr.sbin/rpki-client/repo.c b/usr.sbin/rpki-client/repo.c index ecaefc400..1a1bb49a0 100644 --- a/usr.sbin/rpki-client/repo.c +++ b/usr.sbin/rpki-client/repo.c @@ -1,4 +1,4 @@ -/* $OpenBSD: repo.c,v 1.48 2023/06/23 11:36:24 claudio Exp $ */ +/* $OpenBSD: repo.c,v 1.50 2023/06/29 14:33:35 tb Exp $ */ /* * Copyright (c) 2021 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -727,7 +727,7 @@ rrdp_session_save(unsigned int id, struct rrdp_session *state) if (fprintf(f, "-\n") < 0) goto fail; } - for (i = 0; state->deltas[i] != NULL; i++) { + for (i = 0; i < MAX_RRDP_DELTAS && state->deltas[i] != NULL; i++) { if (fprintf(f, "%s\n", state->deltas[i]) < 0) goto fail; } @@ -1473,15 +1473,9 @@ repo_stat_inc(struct repo *rp, int talid, enum rtype type, enum stype subtype) case STYPE_DEC_UNIQUE: rp->stats[talid].vaps_uniqs--; break; - case STYPE_BOTH: + case STYPE_PROVIDERS: rp->stats[talid].vaps_pas++; break; - case STYPE_ONLY_IPV4: - rp->stats[talid].vaps_pas4++; - break; - case STYPE_ONLY_IPV6: - rp->stats[talid].vaps_pas6++; - break; default: break; } diff --git a/usr.sbin/rpki-client/roa.c b/usr.sbin/rpki-client/roa.c index 0097b514f..e7637a423 100644 --- a/usr.sbin/rpki-client/roa.c +++ b/usr.sbin/rpki-client/roa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: roa.c,v 1.68 2023/06/07 10:46:34 job Exp $ */ +/* $OpenBSD: roa.c,v 1.69 2023/06/29 10:28:25 tb Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2019 Kristaps Dzonsons @@ -114,7 +114,7 @@ roa_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p) int i, j, rc = 0; if ((roa = d2i_RouteOriginAttestation(NULL, &d, dsz)) == NULL) { - cryptowarnx("%s: RFC 6482 section 3: failed to parse " + warnx("%s: RFC 6482 section 3: failed to parse " "RouteOriginAttestation", p->fn); goto out; } diff --git a/usr.sbin/rpki-client/rsc.c b/usr.sbin/rpki-client/rsc.c index 4e9f491ca..552eb5ba6 100644 --- a/usr.sbin/rpki-client/rsc.c +++ b/usr.sbin/rpki-client/rsc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsc.c,v 1.26 2023/06/07 10:46:34 job Exp $ */ +/* $OpenBSD: rsc.c,v 1.27 2023/06/29 10:28:25 tb Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2022 Job Snijders @@ -334,8 +334,7 @@ rsc_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p) */ if ((rsc = d2i_RpkiSignedChecklist(NULL, &d, dsz)) == NULL) { - cryptowarnx("%s: RSC: failed to parse RpkiSignedChecklist", - p->fn); + warnx("%s: RSC: failed to parse RpkiSignedChecklist", p->fn); goto out; } diff --git a/usr.sbin/rpki-client/tak.c b/usr.sbin/rpki-client/tak.c index b841e9abc..45a5e4035 100644 --- a/usr.sbin/rpki-client/tak.c +++ b/usr.sbin/rpki-client/tak.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tak.c,v 1.10 2023/06/20 12:39:50 job Exp $ */ +/* $OpenBSD: tak.c,v 1.11 2023/06/29 10:28:25 tb Exp $ */ /* * Copyright (c) 2022 Job Snijders * Copyright (c) 2022 Theo Buehler @@ -191,7 +191,7 @@ tak_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p) fn = p->fn; if ((tak = d2i_TAK(NULL, &d, dsz)) == NULL) { - cryptowarnx("%s: failed to parse Trust Anchor Key", fn); + warnx("%s: failed to parse Trust Anchor Key", fn); goto out; } diff --git a/usr.sbin/rpki-client/tal.c b/usr.sbin/rpki-client/tal.c index c326f6611..a1af4a70d 100644 --- a/usr.sbin/rpki-client/tal.c +++ b/usr.sbin/rpki-client/tal.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tal.c,v 1.38 2022/11/30 09:02:58 job Exp $ */ +/* $OpenBSD: tal.c,v 1.39 2023/06/29 10:28:25 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * @@ -137,7 +137,7 @@ tal_parse_buffer(const char *fn, char *buf, size_t len) /* Make sure it's a valid public key. */ pkey = d2i_PUBKEY(NULL, (const unsigned char **)&der, dersz); if (pkey == NULL) { - cryptowarnx("%s: RFC 7730 section 2.1: subjectPublicKeyInfo: " + warnx("%s: RFC 7730 section 2.1: subjectPublicKeyInfo: " "failed public key parse", fn); goto out; } diff --git a/usr.sbin/rpki-client/validate.c b/usr.sbin/rpki-client/validate.c index 7865a93d0..d934f2c1e 100644 --- a/usr.sbin/rpki-client/validate.c +++ b/usr.sbin/rpki-client/validate.c @@ -1,4 +1,4 @@ -/* $OpenBSD: validate.c,v 1.65 2023/06/07 11:09:08 tb Exp $ */ +/* $OpenBSD: validate.c,v 1.66 2023/06/29 10:28:25 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * @@ -407,14 +407,14 @@ valid_x509(char *file, X509_STORE_CTX *store_ctx, X509 *x509, struct auth *a, assert(store_ctx != NULL); assert(x509 != NULL); if (!X509_STORE_CTX_init(store_ctx, NULL, x509, NULL)) - cryptoerrx("X509_STORE_CTX_init"); + err(1, "X509_STORE_CTX_init"); if ((params = X509_STORE_CTX_get0_param(store_ctx)) == NULL) - cryptoerrx("X509_STORE_CTX_get0_param"); + errx(1, "X509_STORE_CTX_get0_param"); if ((cp_oid = OBJ_dup(certpol_oid)) == NULL) - cryptoerrx("OBJ_dup"); + err(1, "OBJ_dup"); if (!X509_VERIFY_PARAM_add0_policy(params, cp_oid)) - cryptoerrx("X509_VERIFY_PARAM_add0_policy"); + err(1, "X509_VERIFY_PARAM_add0_policy"); X509_VERIFY_PARAM_set_time(params, get_current_time()); flags = X509_V_FLAG_CRL_CHECK;