sync code with last improvements from OpenBSD

distrib/sets/lists/comp/md.armv7

@@ -43,6 +43,7 @@
 ./usr/include/arm/reloc.h
 ./usr/include/arm/setjmp.h
 ./usr/include/arm/signal.h
+./usr/include/arm/simplebusvar.h
 ./usr/include/arm/softintr.h
 ./usr/include/arm/spinlock.h
 ./usr/include/arm/sysarch.h
@@ -91,6 +92,7 @@
 ./usr/include/armv7/reloc.h
 ./usr/include/armv7/setjmp.h
 ./usr/include/armv7/signal.h
+./usr/include/armv7/simplebusvar.h
 ./usr/include/armv7/spinlock.h
 ./usr/include/armv7/sysarch.h
 ./usr/include/armv7/tcb.h

distrib/sets/lists/comp/mi

@@ -2274,6 +2274,8 @@
 ./usr/share/man/man3/X509v3_addr_add_inherit.3
 ./usr/share/man/man3/X509v3_addr_get_range.3
 ./usr/share/man/man3/X509v3_addr_inherits.3
+./usr/share/man/man3/X509v3_addr_subset.3
+./usr/share/man/man3/X509v3_addr_validate_path.3
 ./usr/share/man/man3/X509v3_asid_add_id_or_range.3
 ./usr/share/man/man3/X509v3_get_ext_by_NID.3
 ./usr/share/man/man3/__tfork_thread.3

etc/skel/dot.version

@@ -1 +1 @@
-# SecBSD 1.4-1a4ae3e: Thu Sep 28 00:00:00 UTC 2023 (Tezcatlipoca)
+# SecBSD 1.4-f463301edc: Thu Sep 28 00:00:00 UTC 2023 (Tezcatlipoca)

lib/libcrypto/evp/e_aes.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.53 2023/07/07 19:37:53 beck Exp $ */
+/* $OpenBSD: e_aes.c,v 1.54 2023/09/28 11:29:10 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -1305,7 +1305,11 @@ aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 		gctx->tls_aad_len = -1;
 		return 1;
 
-	case EVP_CTRL_GCM_SET_IVLEN:
+	case EVP_CTRL_AEAD_GET_IVLEN:
+		*(int *)ptr = gctx->ivlen;
+		return 1;
+
+	case EVP_CTRL_AEAD_SET_IVLEN:
 		if (arg <= 0)
 			return 0;
 		/* Allocate memory for IV if needed */
@@ -1631,6 +1635,7 @@ aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
 #define CUSTOM_FLAGS \
     ( EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV | \
+      EVP_CIPH_FLAG_CUSTOM_IV_LENGTH | \
       EVP_CIPH_FLAG_CUSTOM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT | \
       EVP_CIPH_CTRL_INIT | EVP_CIPH_CUSTOM_COPY )
 
@@ -1968,7 +1973,11 @@ aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 		cctx->len_set = 0;
 		return 1;
 
-	case EVP_CTRL_CCM_SET_IVLEN:
+	case EVP_CTRL_AEAD_GET_IVLEN:
+		*(int *)ptr = 15 - cctx->L;
+		return 1;
+
+	case EVP_CTRL_AEAD_SET_IVLEN:
 		arg = 15 - arg;
 
 	case EVP_CTRL_CCM_SET_L:

lib/libcrypto/evp/e_chacha20poly1305.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: e_chacha20poly1305.c,v 1.31 2023/08/24 04:33:08 tb Exp $ */
+/* $OpenBSD: e_chacha20poly1305.c,v 1.32 2023/09/28 11:29:10 tb Exp $ */
 
 /*
  * Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
@@ -18,6 +18,7 @@
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
+#include <limits.h>
 #include <stdint.h>
 #include <string.h>
 
@@ -551,6 +552,12 @@ chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
 		cpx->nonce_len = sizeof(cpx->nonce);
 		return 1;
 
+	case EVP_CTRL_AEAD_GET_IVLEN:
+		if (cpx->nonce_len > INT_MAX)
+			return 0;
+		*(int *)ptr = (int)cpx->nonce_len;
+		return 1;
+
 	case EVP_CTRL_AEAD_SET_IVLEN:
 		if (arg <= 0 || arg > sizeof(cpx->nonce))
 			return 0;
@@ -592,8 +599,9 @@ static const EVP_CIPHER cipher_chacha20_poly1305 = {
 	.key_len = 32,
 	.iv_len = 12,
 	.flags = EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT |
-	    EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_AEAD_CIPHER |
-	    EVP_CIPH_FLAG_CUSTOM_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1,
+	    EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_IV_LENGTH |
+	    EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_CUSTOM_CIPHER |
+	    EVP_CIPH_FLAG_DEFAULT_ASN1,
 	.init = chacha20_poly1305_init,
 	.do_cipher = chacha20_poly1305_cipher,
 	.cleanup = chacha20_poly1305_cleanup,

lib/libcrypto/evp/evp_lib.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_lib.c,v 1.27 2023/07/07 19:37:53 beck Exp $ */
+/* $OpenBSD: evp_lib.c,v 1.28 2023/09/28 11:29:10 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -266,7 +266,20 @@ EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
 int
 EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
 {
-	return ctx->cipher->iv_len;
+	int iv_length = 0;
+
+	if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_IV_LENGTH) == 0)
+		return ctx->cipher->iv_len;
+
+	/*
+	 * XXX - sanity would suggest to pass the size of the pointer along,
+	 * but unfortunately we have to match the other crowd.
+	 */
+	if (EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN, 0,
+	    &iv_length) != 1)
+		return -1;
+
+	return iv_length;
 }
 
 unsigned char *

lib/libcrypto/evp/evp_local.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_local.h,v 1.4 2023/08/11 05:10:35 tb Exp $ */
+/* $OpenBSD: evp_local.h,v 1.5 2023/09/28 11:29:10 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
@@ -61,6 +61,12 @@
 
 __BEGIN_HIDDEN_DECLS
 
+/* XXX - move these to evp.h after unlock. */
+#define	EVP_CTRL_GET_IVLEN		0x25
+#define	EVP_CIPH_FLAG_CUSTOM_IV_LENGTH	0x400000
+
+#define	EVP_CTRL_AEAD_GET_IVLEN		EVP_CTRL_GET_IVLEN
+
 /*
  * Don't free md_ctx->pctx in EVP_MD_CTX_cleanup().  Needed for ownership
  * handling in EVP_MD_CTX_set_pkey_ctx().

lib/libcrypto/man/ASIdentifiers_new.3

@@ -1,4 +1,4 @@
-.\" $OpenBSD: ASIdentifiers_new.3,v 1.7 2023/09/27 08:46:46 tb Exp $
+.\" $OpenBSD: ASIdentifiers_new.3,v 1.9 2023/09/29 08:57:49 tb Exp $
 .\"
 .\" Copyright (c) 2021 Theo Buehler <tb@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: September 27 2023 $
+.Dd $Mdocdate: September 29 2023 $
 .Dt ASIDENTIFIERS_NEW 3
 .Os
 .Sh NAME
@@ -47,7 +47,7 @@
 .Sh DESCRIPTION
 RFC 3779 defines two X.509v3 certificate extensions that allow the
 delegation of
-IP address blocks and autonomous system (AS) identifiers
+IP addresses and autonomous system (AS) identifiers
 from the issuer to the subject of the certificate.
 An
 .Vt ASIdentifiers
@@ -112,8 +112,12 @@ or a value <= 0 if an error occurs.
 .Xr crypto 3 ,
 .Xr IPAddressRange_new 3 ,
 .Xr X509_new 3 ,
-.Xr X509v3_asid_add_id_or_range 3 ,
-.Xr X509v3_asid_inherits 3
+.Xr X509v3_addr_add_inherit 3 ,
+.Xr X509v3_addr_get_range 3 ,
+.Xr X509v3_addr_inherits 3 ,
+.Xr X509v3_addr_subset 3 ,
+.Xr X509v3_addr_validate_path 3 ,
+.Xr X509v3_asid_add_id_or_range 3
 .Sh STANDARDS
 RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers:
 .Bl -dash -compact
@@ -130,5 +134,5 @@ and have been available since
 .Ox 7.1 .
 .Sh BUGS
 There are no corresponding functions for the RFC 3779
-IP address blocks delegation extension represented by
+IP address delegation extension represented by
 .Vt IPAddrBlocks .

lib/libcrypto/man/ASRange_new.3

@@ -1,4 +1,4 @@
-.\" $OpenBSD: ASRange_new.3,v 1.5 2023/09/27 08:46:46 tb Exp $
+.\" $OpenBSD: ASRange_new.3,v 1.6 2023/09/28 12:35:31 tb Exp $
 .\"
 .\" Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: September 27 2023 $
+.Dd $Mdocdate: September 28 2023 $
 .Dt ASRANGE_NEW 3
 .Os
 .Sh NAME
@@ -90,7 +90,7 @@ autonomous system identifier delegation extension.
 .Pp
 All
 .Vt ASN1_INTEGER Ns s
-in this manual should be representable as unsigned 32-bit integers.
+in this manual must be representable as unsigned 32-bit integers.
 The API performs no corresponding checks.
 The library provides no convenient way of setting the value of an
 .Vt ASN1_INTEGER
@@ -358,6 +358,7 @@ or a value <= 0 if an error occurs.
 .Xr crypto 3 ,
 .Xr IPAddressRange_new 3 ,
 .Xr s2i_ASN1_INTEGER 3 ,
+.Xr STACK_OF 3 ,
 .Xr X509_new 3 ,
 .Xr X509v3_asid_add_id_or_range 3
 .Sh STANDARDS

lib/libcrypto/man/IPAddressRange_new.3

@@ -1,4 +1,4 @@
-.\" $OpenBSD: IPAddressRange_new.3,v 1.4 2023/09/27 08:46:46 tb Exp $
+.\" $OpenBSD: IPAddressRange_new.3,v 1.5 2023/09/28 12:35:31 tb Exp $
 .\"
 .\" Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: September 27 2023 $
+.Dd $Mdocdate: September 28 2023 $
 .Dt IPADDRESSRANGE_NEW 3
 .Os
 .Sh NAME
@@ -110,12 +110,12 @@ type representing the IP address delegation extension.
 Per RFC 3779, section 2.1.1,
 an IPv4 or an IPv6 address is encoded in network byte order in an
 ASN.1 BIT STRING of bit size 32 or 128 bits, respectively.
-The bit size of a prefix is its prefix length.
-In other words, all insignificant zero bits are omitted
+The bit size of a prefix is its prefix length;
+all insignificant zero bits are omitted
 from the encoding.
 An address range is expressed as a pair of BIT STRINGs
-where all least significant zero bits of the lower bound
-and the all least significant one bits of the upper bound are omitted.
+where all the least significant zero bits of the lower bound
+and all the least significant one bits of the upper bound are omitted.
 .Pp
 The library provides no API for directly converting an IP address or
 prefix (in any form) to and from an
@@ -127,8 +127,11 @@ internals are subtle and directly manipulating them in the
 context of the RFC 3779 API is discouraged.
 The bit size of an
 .Vt ASN1_BIT_STRING
-representing an IP address prefix or range is eight times its length
-member minus the lowest three bits of its flags, provided the
+representing an IP address prefix or range is eight times its
+.Fa length
+member minus the lowest three bits of its
+.Fa flags ,
+provided the
 .Dv ASN1_STRING_FLAG_BITS_LEFT
 flag is set.
 .Pp
@@ -460,7 +463,8 @@ or a value <= 0 if an error occurs.
 .Xr crypto 3 ,
 .Xr X509_new 3 ,
 .Xr X509v3_addr_add_inherit 3 ,
-.Xr X509v3_addr_inherits 3
+.Xr X509v3_addr_inherits 3 ,
+.Xr X509v3_addr_subset 3
 .Sh STANDARDS
 RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers:
 .Bl -dash -compact
@@ -483,7 +487,7 @@ section 2.2.3.7: Type IPAddressOrRange
 .It
 section 2.2.3.8: Element addressPrefix and Type IPAddress
 .It
-section 2.2.3.9: Elements addressRange and Type IPAddressRange
+section 2.2.3.9: Element addressRange and Type IPAddressRange
 .El
 .Pp
 ITU-T Recommendation X.690, also known as ISO/IEC 8825-1:

lib/libcrypto/man/Makefile

@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.274 2023/09/26 20:42:45 tb Exp $
+# $OpenBSD: Makefile,v 1.276 2023/09/29 08:57:49 tb Exp $
 
 .include <bsd.own.mk>
 
@@ -395,6 +395,8 @@ MAN=	\
 	X509v3_addr_add_inherit.3 \
 	X509v3_addr_get_range.3 \
 	X509v3_addr_inherits.3 \
+	X509v3_addr_subset.3 \
+	X509v3_addr_validate_path.3 \
 	X509v3_asid_add_id_or_range.3 \
 	X509v3_asid_add_id_or_range.3 \
 	X509v3_get_ext_by_NID.3 \

lib/libcrypto/man/X509_new.3

@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509_new.3,v 1.41 2023/09/26 20:42:45 tb Exp $
+.\" $OpenBSD: X509_new.3,v 1.43 2023/09/29 08:57:49 tb Exp $
 .\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
 .\"
 .\" This file is a derived work.
@@ -66,7 +66,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: September 26 2023 $
+.Dd $Mdocdate: September 29 2023 $
 .Dt X509_NEW 3
 .Os
 .Sh NAME
@@ -245,6 +245,8 @@ if an error occurs.
 .Xr X509v3_addr_add_inherit 3 ,
 .Xr X509v3_addr_get_range 3 ,
 .Xr X509v3_addr_inherits 3 ,
+.Xr X509v3_addr_subset 3 ,
+.Xr X509v3_addr_validate_path 3 ,
 .Xr X509v3_asid_add_id_or_range 3
 .Sh STANDARDS
 RFC 5280: Internet X.509 Public Key Infrastructure Certificate and

lib/libcrypto/man/X509v3_addr_add_inherit.3

@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509v3_addr_add_inherit.3,v 1.5 2023/09/27 08:46:46 tb Exp $
+.\" $OpenBSD: X509v3_addr_add_inherit.3,v 1.7 2023/09/29 08:57:49 tb Exp $
 .\"
 .\" Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: September 27 2023 $
+.Dd $Mdocdate: September 29 2023 $
 .Dt X509V3_ADDR_ADD_INHERIT 3
 .Os
 .Sh NAME
@@ -60,7 +60,7 @@
 An
 .Vt IPAddrBlocks
 object represents the content of
-an X509v3 IP address blocks delegation extension
+an IP address delegation extension
 as defined in RFC 3779, section 2.2.3.1.
 It holds lists of IP address prefixes and IP address ranges
 delegated from the issuer to the subject of the certificate.
@@ -399,8 +399,9 @@ is desired.
 .Xr inet_ntop 3 ,
 .Xr IPAddressRange_new 3 ,
 .Xr X509_new 3 ,
-.Xr X509v3_asid_add_id_or_range 3 ,
-.Xr X509v3_addr_get_range 3
+.Xr X509v3_addr_get_range 3 ,
+.Xr X509v3_addr_validate_path 3 ,
+.Xr X509v3_asid_add_id_or_range 3
 .Sh STANDARDS
 RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers:
 .Bl -dash -compact

lib/libcrypto/man/X509v3_addr_subset.3

@@ -0,0 +1,176 @@
+.\" $OpenBSD: X509v3_addr_subset.3,v 1.1 2023/09/28 12:36:36 tb Exp $
+.\"
+.\" Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: September 28 2023 $
+.Dt X509V3_ADDR_SUBSET 3
+.Os
+.Sh NAME
+.Nm X509v3_addr_subset ,
+.Nm X509v3_asid_subset
+.Nd RFC 3779 subset relationship
+.Sh SYNOPSIS
+.In openssl/x509v3.h
+.Ft int
+.Fn X509v3_addr_subset "IPAddrBlocks *child" "IPAddrBlocks *parent"
+.Ft int
+.Fn X509v3_asid_subset "ASIdentifiers *child" "ASIdentifiers *parent"
+.Sh DESCRIPTION
+.Fn X509v3_addr_subset
+determines if all IP address resources present in
+.Fa child
+are contained in the corresponding resources in
+.Fa parent .
+.Pp
+The implementation assumes but does not ensure that both
+.Fa child
+and
+.Fa parent
+are in canonical form as described in
+.Xr X509v3_addr_is_canonical 3 .
+In particular, both
+.Fa child
+and
+.Fa parent
+are sorted appropriately and they contain at most one
+.Vt IPAddressFamily
+object per address family identifier (AFI) and optional
+subsequent address family identifier (SAFI).
+.Pp
+The checks are, in order:
+.Bl -enum
+.It
+If
+.Fa child
+is
+.Dv NULL
+or identical to
+.Fa parent
+then
+.Fa child
+is a subset of
+.Fa parent .
+(In particular, a
+.Dv NULL
+.Fa parent
+is allowed for a
+.Dv NULL
+.Fa child Ns .)
+.It
+If
+.Fa parent
+is
+.Dv NULL
+then
+.Fa child
+is not a subset of
+.Fa parent .
+.It
+If
+.Xr X509v3_addr_inherits 3
+determines that
+.Fa child
+inherits or that
+.Fa parent
+inherits
+then
+.Fa child
+is not a subset of
+.Fa parent .
+.It
+Each address prefix or range in
+.Fa child
+must be a subset of an address prefix or range in the
+.Fa parent ,
+taking AFI and optional SAFI into account:
+.Bl -bullet -compact
+.It
+For each
+.Vt IPAddressFamily
+of
+.Fa child
+there must be an
+.Vt IPAddressFamily
+of
+.Fa parent
+with the same AFI and optional SAFI.
+.It
+Since the address prefixes and ranges in corresponding
+.Vt IPAddressFamily
+objects in
+.Fa child
+and
+.Fa parent
+are sorted in ascending order,
+and do not overlap,
+they can be traversed simultaneously in linear time.
+For each prefix or range in
+.Fa child
+there must be a prefix or range in
+.Fa parent
+whose minimal address is smaller
+and whose maximal address is larger.
+.El
+If any of these steps fails,
+.Fa child
+is not a subset of
+.Fa parent .
+.El
+.Pp
+.Fn X509v3_asid_subset
+determines if all AS identifier resources in
+.Fa child
+are contained in the corresponding resources in
+.Fa parent .
+.Pp
+The description for
+.Fn X509v3_addr_subset
+applies mutatis mutandis.
+In particular,
+.Fa child
+and
+.Fa parent
+must be in canonical form per
+.Xr X509v3_asid_is_canonical 3 ,
+but this is not enforced.
+.Sh RETURN VALUES
+.Fn X509v3_addr_subset
+and
+.Fn X509v3_asid_subset
+return 1 if and only if
+.Fa child
+is a subset of
+.Fa parent ,
+otherwise they return 0.
+If both
+.Fa child
+and
+.Fa parent
+are in canonical form,
+they cannot fail.
+.Sh SEE ALSO
+.Xr ASIdentifiers_new 3 ,
+.Xr ASRange_new 3 ,
+.Xr crypto 3 ,
+.Xr IPAddressRange_new 3 ,
+.Xr X509_new 3 ,
+.Xr X509v3_addr_add_inherit 3 ,
+.Xr X509v3_asid_add_inherit 3
+.Sh STANDARDS
+RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers.
+.Sh HISTORY
+These functions first appeared in OpenSSL 0.9.8e
+and have been available since
+.Ox 7.1 .

lib/libcrypto/man/X509v3_addr_validate_path.3

@@ -0,0 +1,204 @@
+.\" $OpenBSD: X509v3_addr_validate_path.3,v 1.3 2023/09/29 15:41:06 tb Exp $
+.\"
+.\" Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: September 29 2023 $
+.Dt X509V3_ADDR_VALIDATE_PATH 3
+.Os
+.Sh NAME
+.Nm X509v3_addr_validate_path ,
+.Nm X509v3_addr_validate_resource_set ,
+.Nm X509v3_asid_validate_path ,
+.Nm X509v3_asid_validate_resource_set
+.Nd RFC 3779 path validation for IP address and AS number delegation
+.Sh SYNOPSIS
+.In openssl/x509v3.h
+.Ft int
+.Fn X509v3_addr_validate_path "X509_STORE_CTX *ctx"
+.Ft int
+.Fo X509v3_addr_validate_resource_set
+.Fa "STACK_OF(X509) *chain"
+.Fa "IPAddrBlocks *addrblocks"
+.Fa "int allow_inheritance"
+.Fc
+.Ft int
+.Fn X509v3_asid_validate_path "X509_STORE_CTX *ctx"
+.Ft int
+.Fo X509v3_asid_validate_resource_set
+.Fa "STACK_OF(X509) *chain"
+.Fa "ASIdentifiers *asid"
+.Fa "int allow_inheritance"
+.Fc
+.Sh DESCRIPTION
+Both RFC 3779 extensions require additional checking in the certification
+path validation.
+.Bl -enum
+.It
+The initial set of allowed IP address and AS number resources is defined in
+the trust anchor, where inheritance is not allowed.
+.It
+All IP address delegation or AS number delegation extensions
+appearing in the validation path must be in canonical form
+according to
+.Xr X509v3_addr_is_canonical 3
+and
+.Xr X509v3_asid_is_canonical 3 .
+.It
+If the IP address delegation extension is present in a certificate,
+it must also be present in its issuer.
+Similarly for the AS identifiers delegation extension.
+.It
+An issuer may only delegate subsets of resources present in its
+RFC 3779 extensions or subsets of resources inherited from its issuer.
+.El
+.Pp
+.Fn X509v3_addr_validate_path
+and
+.Fn X509v3_asid_validate_path
+are called from
+.Xr X509_verify_cert 3
+as part of the verification chain building.
+On encountering an error or a violation of the above rules,
+.Fa error ,
+.Fa error_depth ,
+and
+.Fa current_cert
+are set on
+.Fa ctx
+and the verify callback is called with
+.Fa ok
+set to 0.
+.Dv X509_V_ERR_INVALID_EXTENSION
+indicates a non-canonical resource,
+.Dv X509_V_ERR_UNNESTED_RESOURCE
+indicates a violation of the other rules above.
+In rare circumstances, the error can be
+.Dv X509_V_ERR_UNSPECIFIED
+and for IP address resources
+.Dv X509_V_ERR_OUT_OF_MEM
+is also possible.
+.Pp
+.Fn X509v3_addr_validate_resource_set
+validates the resources in
+.Fa addrblocks
+against a specific certificate
+.Fa chain .
+After checking that
+.Fa addrblocks
+is canonical, its IP addresses are checked to be covered in
+the certificate at depth 0,
+then the chain is walked all the way to the trust anchor
+until an error or a violation of the above rules is encountered.
+.Fa addrblocks
+is allowed to use inheritance according to
+.Xr X509v3_addr_inherits 3
+if and only if
+.Fa allow_inherit
+is non-zero.
+.Pp
+.Fn X509v3_asid_validate_resource_set
+performs similar checks as
+.Fn X509v3_addr_validate_resource_set
+for
+.Fa asid .
+.Sh RETURN VALUES
+All these functions return 1 on successful validation and 0 otherwise.
+.Pp
+For
+.Fn X509v3_addr_validate_path
+and
+.Fn X509v3_asid_validate_path
+a non-empty
+.Fa chain
+and a
+.Fa verify_cb
+must be present on
+.Fa ctx ,
+otherwise they fail and set the
+.Fa error
+on
+.Fa ctx
+to
+.Dv X509_V_ERR_UNSPECIFIED .
+The
+.Fa verify_cb
+is called with the error codes described above
+on most errors encountered during validation.
+Some malformed extensions can lead to an error
+that cannot be intercepted by the callback.
+With the exception of an allocation error,
+no error codes are set on the error stack.
+.Pp
+.Fn X509v3_addr_validate_resource_set
+accepts a
+.Dv NULL
+.Fa addrblocks
+and
+.Fn X509v3_asid_validate_resource_set
+accepts a
+.Dv NULL
+.Fa asid
+as valid.
+They fail if
+.Fa chain
+is
+.Dv NULL
+or empty.
+If
+.Fa allow_inheritance
+is 0 ,
+.Fa addrblocks
+or
+.Fa asid
+is checked for inheritance with
+.Xr X509v3_addr_inherits 3
+or
+.Xr X509v3_asid_inherits 3 .
+The remaining failure cases are the same as for
+.Fn X509v3_addr_validate_path
+and
+.Fn X509v3_asid_validate_path .
+They cannot and do not attempt to communicate
+the cause of the error to the caller.
+.Sh SEE ALSO
+.Xr ASIdentifiers_new 3 ,
+.Xr crypto 3 ,
+.Xr IPAddressRange_new 3 ,
+.Xr X509_new 3 ,
+.Xr X509_STORE_CTX_get_error 3 ,
+.Xr X509_verify_cert 3 ,
+.Xr X509v3_addr_add_inherit 3 ,
+.Xr X509v3_addr_inherits 3 ,
+.Xr X509v3_asid_add_id_or_range 3
+.Sh STANDARDS
+RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers:
+.Bl -dash -compact
+.It
+section 2.3: IP Address Delegation Extension Certification Path Validation
+.It
+section 3.3: Autonomous System Identifier Delegation Extension Certification
+Path Validation
+.El
+.Pp
+RFC 5280: Internet X.509 Public Key Infrastructure Certificate
+and Certificate Revocation List (CRL) Profile
+.Bl -dash -compact
+.It
+section 6: Certification Path Validation
+.El
+.Sh HISTORY
+These functions first appeared in OpenSSL 0.9.8e
+and have been available since
+.Ox 7.1 .

lib/libcrypto/man/X509v3_asid_add_id_or_range.3

@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509v3_asid_add_id_or_range.3,v 1.5 2023/09/27 08:46:46 tb Exp $
+.\" $OpenBSD: X509v3_asid_add_id_or_range.3,v 1.7 2023/09/29 08:57:49 tb Exp $
 .\"
 .\" Copyright (c) 2021-2023 Theo Buehler <tb@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: September 27 2023 $
+.Dd $Mdocdate: September 29 2023 $
 .Dt X509V3_ASID_ADD_ID_OR_RANGE 3
 .Os
 .Sh NAME
@@ -48,7 +48,7 @@
 .Sh DESCRIPTION
 An
 .Vt ASIdentifiers
-object represents the content of the X509v3 certificate extension
+object represents the content of the certificate extension
 defined in RFC 3779, section 3.2.3.1.
 It can be instantiated with
 .Xr ASIdentifiers_new 3
@@ -242,7 +242,8 @@ failure.
 .Xr crypto 3 ,
 .Xr s2i_ASN1_INTEGER 3 ,
 .Xr X509_new 3 ,
-.Xr X509v3_addr_add_inherit 3
+.Xr X509v3_addr_add_inherit 3 ,
+.Xr X509v3_addr_validate_path 3
 .Sh STANDARDS
 RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers,
 .Bl -dash -compact

lib/libcrypto/x509/x509_constraints.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_constraints.c,v 1.31 2022/12/26 07:18:53 jmc Exp $ */
+/* $OpenBSD: x509_constraints.c,v 1.32 2023/09/29 15:53:59 beck Exp $ */
 /*
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
  *
@@ -38,23 +38,23 @@
 #define MAX_IP_ADDRESS_LENGTH (size_t)46
 
 static int
-cbs_is_ip_address(CBS *cbs)
+cbs_is_ip_address(CBS *cbs, int *is_ip)
 {
 	struct sockaddr_in6 sin6;
 	struct sockaddr_in sin4;
 	char *name = NULL;
-	int ret = 0;
 
+	*is_ip = 0;
 	if (CBS_len(cbs) > MAX_IP_ADDRESS_LENGTH)
-		return 0;
+		return 1;
 	if (!CBS_strdup(cbs, &name))
 		return 0;
 	if (inet_pton(AF_INET, name, &sin4) == 1 ||
 	    inet_pton(AF_INET6, name, &sin6) == 1)
-		ret = 1;
+		*is_ip = 1;
 
 	free(name);
-	return ret;
+	return 1;
 }
 
 struct x509_constraints_name *
@@ -264,16 +264,21 @@ x509_constraints_valid_domain_internal(CBS *cbs, int wildcards)
 }
 
 int
-x509_constraints_valid_host(CBS *cbs)
+x509_constraints_valid_host(CBS *cbs, int permit_ip)
 {
 	uint8_t first;
+	int is_ip;
 
 	if (!CBS_peek_u8(cbs, &first))
 		return 0;
 	if (first == '.')
-		return 0; /* leading . not allowed in a host name */
-	if (cbs_is_ip_address(cbs))
-		return 0;
+		return 0; /* leading . not allowed in a host name or IP */
+	if (!permit_ip) {
+		if (!cbs_is_ip_address(cbs, &is_ip))
+			return 0;
+		if (is_ip)
+			return 0;
+	}
 
 	return x509_constraints_valid_domain_internal(cbs, 0);
 }
@@ -441,7 +446,7 @@ x509_constraints_parse_mailbox(CBS *candidate,
 	if (candidate_local == NULL || candidate_domain == NULL)
 		goto bad;
 	CBS_init(&domain_cbs, candidate_domain, strlen(candidate_domain));
-	if (!x509_constraints_valid_host(&domain_cbs))
+	if (!x509_constraints_valid_host(&domain_cbs, 0))
 		goto bad;
 
 	if (name != NULL) {
@@ -558,7 +563,7 @@ x509_constraints_uri_host(uint8_t *uri, size_t len, char **hostpart)
 	if (host == NULL)
 		host = authority;
 	CBS_init(&host_cbs, host, hostlen);
-	if (!x509_constraints_valid_host(&host_cbs))
+	if (!x509_constraints_valid_host(&host_cbs, 1))
 		return 0;
 	if (hostpart != NULL && !CBS_strdup(&host_cbs, hostpart))
 		return 0;
@@ -924,7 +929,7 @@ x509_constraints_extract_names(struct x509_constraints_names *names,
 				goto err;
 			}
 			CBS_init(&cbs, aname->data, aname->length);
-			if (!x509_constraints_valid_host(&cbs))
+			if (!x509_constraints_valid_host(&cbs, 0))
 				continue; /* ignore it if not a hostname */
 			if ((vname = x509_constraints_name_new()) == NULL) {
 				*error = X509_V_ERR_OUT_OF_MEM;

lib/libcrypto/x509/x509_internal.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_internal.h,v 1.25 2023/01/28 19:08:09 tb Exp $ */
+/* $OpenBSD: x509_internal.h,v 1.26 2023/09/29 15:53:59 beck Exp $ */
 /*
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
  *
@@ -111,7 +111,7 @@ struct x509_constraints_names *x509_constraints_names_new(size_t names_max);
 int x509_constraints_general_to_bytes(GENERAL_NAME *name, uint8_t **bytes,
     size_t *len);
 void x509_constraints_names_free(struct x509_constraints_names *names);
-int x509_constraints_valid_host(CBS *cbs);
+int x509_constraints_valid_host(CBS *cbs, int permit_ip);
 int x509_constraints_valid_sandns(CBS *cbs);
 int x509_constraints_domain(char *domain, size_t dlen, char *constraint,
     size_t len);

lib/libutil/imsg_init.3

@@ -1,4 +1,4 @@
-.\" $OpenBSD: imsg_init.3,v 1.28 2023/06/20 06:53:29 jsg Exp $
+.\" $OpenBSD: imsg_init.3,v 1.30 2023/09/28 17:00:21 schwarze Exp $
 .\"
 .\" Copyright (c) 2010 Nicholas Marriott <nicm@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: June 20 2023 $
+.Dd $Mdocdate: September 28 2023 $
 .Dt IMSG_INIT 3
 .Os
 .Sh NAME
@@ -466,15 +466,17 @@ replaces a part of
 .Fa buf
 at offset
 .Fa pos
-with the data of extent
+with the
+.Fa data
+of extent
 .Fa len .
 0 is returned on success and \-1 on failure.
 .Pp
 .Fn ibuf_set_n8 ,
 .Fn ibuf_set_n16 ,
-.Fn ibuf_seek_set_n32
+.Fn ibuf_set_n32
 and
-.Fn ibuf_seek_set_n64
+.Fn ibuf_set_n64
 replace a 1-byte, 2-byte, 4-byte or 8-byte
 .Fa value
 at offset

regress/lib/libcrypto/aead/aeadtest.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: aeadtest.c,v 1.24 2023/07/07 07:44:59 bcook Exp $	*/
+/*	$OpenBSD: aeadtest.c,v 1.26 2023/09/28 14:55:48 tb Exp $	*/
 /*
  * Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2014, Google Inc.
@@ -203,6 +203,7 @@ run_cipher_aead_encrypt_test(const EVP_CIPHER *cipher,
 	EVP_CIPHER_CTX *ctx;
 	size_t out_len;
 	int len;
+	int ivlen;
 	int ret = 0;
 
 	if ((ctx = EVP_CIPHER_CTX_new()) == NULL) {
@@ -220,6 +221,13 @@ run_cipher_aead_encrypt_test(const EVP_CIPHER *cipher,
 		goto err;
 	}
 
+	ivlen = EVP_CIPHER_CTX_iv_length(ctx);
+	if (ivlen != (int)lengths[NONCE]) {
+		fprintf(stderr, "FAIL: ivlen %d != nonce length %d\n", ivlen,
+		    (int)lengths[NONCE]);
+		goto err;
+	}
+
 	if (!EVP_EncryptInit_ex(ctx, NULL, NULL, bufs[KEY], NULL)) {
 		fprintf(stderr, "FAIL: EVP_EncryptInit_ex with key\n");
 		goto err;

regress/lib/libcrypto/aes/aes_test.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: aes_test.c,v 1.2 2022/11/07 23:09:25 joshua Exp $ */
+/*	$OpenBSD: aes_test.c,v 1.3 2023/09/28 08:21:43 tb Exp $ */
 /*
  * Copyright (c) 2022 Joshua Sing <joshua@hypera.dev>
  *

regress/lib/libcrypto/evp/evp_test.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: evp_test.c,v 1.4 2023/03/11 14:27:38 jsing Exp $ */
+/*	$OpenBSD: evp_test.c,v 1.7 2023/09/29 06:53:05 tb Exp $ */
 /*
  * Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
  *
@@ -15,6 +15,9 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
+#include <assert.h>
+#include <stdio.h>
+
 #include <openssl/evp.h>
 #include <openssl/ossl_typ.h>
 
@@ -137,6 +140,270 @@ evp_pkey_method_test(void)
 	return failed;
 }
 
+static const struct evp_iv_len_test {
+	const EVP_CIPHER *(*cipher)(void);
+	int iv_len;
+	int setlen;
+	int expect;
+} evp_iv_len_tests[] = {
+	{
+		.cipher = EVP_aes_128_ccm,
+		.iv_len = 7,
+		.setlen = 11,
+		.expect = 1,
+	},
+	{
+		.cipher = EVP_aes_128_ccm,
+		.iv_len = 7,
+		.setlen = 6,
+		.expect = 0,
+	},
+	{
+		.cipher = EVP_aes_128_ccm,
+		.iv_len = 7,
+		.setlen = 13,
+		.expect = 1,
+	},
+	{
+		.cipher = EVP_aes_128_ccm,
+		.iv_len = 7,
+		.setlen = 14,
+		.expect = 0,
+	},
+
+	{
+		.cipher = EVP_aes_192_ccm,
+		.iv_len = 7,
+		.setlen = 11,
+		.expect = 1,
+	},
+	{
+		.cipher = EVP_aes_192_ccm,
+		.iv_len = 7,
+		.setlen = 6,
+		.expect = 0,
+	},
+	{
+		.cipher = EVP_aes_192_ccm,
+		.iv_len = 7,
+		.setlen = 13,
+		.expect = 1,
+	},
+	{
+		.cipher = EVP_aes_192_ccm,
+		.iv_len = 7,
+		.setlen = 14,
+		.expect = 0,
+	},
+
+	{
+		.cipher = EVP_aes_256_ccm,
+		.iv_len = 7,
+		.setlen = 11,
+		.expect = 1,
+	},
+	{
+		.cipher = EVP_aes_256_ccm,
+		.iv_len = 7,
+		.setlen = 6,
+		.expect = 0,
+	},
+	{
+		.cipher = EVP_aes_256_ccm,
+		.iv_len = 7,
+		.setlen = 13,
+		.expect = 1,
+	},
+	{
+		.cipher = EVP_aes_256_ccm,
+		.iv_len = 7,
+		.setlen = 14,
+		.expect = 0,
+	},
+
+	{
+		.cipher = EVP_aes_128_gcm,
+		.iv_len = 12,
+		.setlen = 16,
+		.expect = 1,
+	},
+	{
+		.cipher = EVP_aes_128_gcm,
+		.iv_len = 12,
+		.setlen = 0,
+		.expect = 0,
+	},
+	{
+		.cipher = EVP_aes_128_gcm,
+		.iv_len = 12,
+		.setlen = 1,
+		.expect = 1,
+	},
+	/* XXX - GCM IV length isn't capped... */
+	{
+		.cipher = EVP_aes_128_gcm,
+		.iv_len = 12,
+		.setlen = 1024 * 1024,
+		.expect = 1,
+	},
+
+	{
+		.cipher = EVP_aes_192_gcm,
+		.iv_len = 12,
+		.setlen = 16,
+		.expect = 1,
+	},
+	{
+		.cipher = EVP_aes_192_gcm,
+		.iv_len = 12,
+		.setlen = 0,
+		.expect = 0,
+	},
+	{
+		.cipher = EVP_aes_192_gcm,
+		.iv_len = 12,
+		.setlen = 1,
+		.expect = 1,
+	},
+	/* XXX - GCM IV length isn't capped... */
+	{
+		.cipher = EVP_aes_128_gcm,
+		.iv_len = 12,
+		.setlen = 1024 * 1024,
+		.expect = 1,
+	},
+
+	{
+		.cipher = EVP_aes_256_gcm,
+		.iv_len = 12,
+		.setlen = 16,
+		.expect = 1,
+	},
+	{
+		.cipher = EVP_aes_256_gcm,
+		.iv_len = 12,
+		.setlen = 0,
+		.expect = 0,
+	},
+	{
+		.cipher = EVP_aes_256_gcm,
+		.iv_len = 12,
+		.setlen = 1,
+		.expect = 1,
+	},
+	/* XXX - GCM IV length isn't capped... */
+	{
+		.cipher = EVP_aes_128_gcm,
+		.iv_len = 12,
+		.setlen = 1024 * 1024,
+		.expect = 1,
+	},
+
+	{
+		.cipher = EVP_aes_128_ecb,
+		.iv_len = 0,
+		.setlen = 11,
+		.expect = 0,
+	},
+
+	{
+		.cipher = EVP_chacha20_poly1305,
+		.iv_len = 12,
+		.setlen = 11,
+		.expect = 1,
+	},
+	{
+		.cipher = EVP_chacha20_poly1305,
+		.iv_len = 12,
+		.setlen = 12,
+		.expect = 1,
+	},
+	{
+		.cipher = EVP_chacha20_poly1305,
+		.iv_len = 12,
+		.setlen = 13,
+		.expect = 0,
+	},
+	{
+		.cipher = EVP_chacha20_poly1305,
+		.iv_len = 12,
+		.setlen = 1,
+		.expect = 1,
+	},
+	{
+		.cipher = EVP_chacha20_poly1305,
+		.iv_len = 12,
+		.setlen = 0,
+		.expect = 0,
+	},
+};
+
+#define N_EVP_IV_LEN_TESTS \
+    (sizeof(evp_iv_len_tests) / sizeof(evp_iv_len_tests[0]))
+
+static int
+evp_pkey_iv_len_testcase(const struct evp_iv_len_test *test)
+{
+	const EVP_CIPHER *cipher = test->cipher();
+	const char *name;
+	EVP_CIPHER_CTX *ctx;
+	int ret;
+	int failure = 1;
+
+	assert(cipher != NULL);
+	name = OBJ_nid2ln(EVP_CIPHER_nid(cipher));
+	assert(name != NULL);
+
+	if ((ctx = EVP_CIPHER_CTX_new()) == NULL) {
+		fprintf(stderr, "FAIL: %s: EVP_CIPHER_CTX_new()\n", name);
+		goto failure;
+	}
+
+	if ((ret = EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL)) <= 0) {
+		fprintf(stderr, "FAIL: %s: EVP_EncryptInit_ex:"
+		    " want %d, got %d\n", name, 1, ret);
+		goto failure;
+	}
+	if ((ret = EVP_CIPHER_CTX_iv_length(ctx)) != test->iv_len) {
+		fprintf(stderr, "FAIL: %s EVP_CIPHER_CTX_iv_length (before set)"
+		    " want %d, got %d\n", name, test->iv_len, ret);
+		goto failure;
+	}
+	if ((ret = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
+	    test->setlen, NULL)) != test->expect) {
+		fprintf(stderr, "FAIL: %s EVP_CIPHER_CTX_ctrl"
+		    " want %d, got %d\n", name, test->expect, ret);
+		goto failure;
+	}
+	if (test->expect == 0)
+		goto done;
+	if ((ret = EVP_CIPHER_CTX_iv_length(ctx)) != test->setlen) {
+		fprintf(stderr, "FAIL: %s EVP_CIPHER_CTX_iv_length (after set)"
+		    " want %d, got %d\n", name, test->setlen, ret);
+		goto failure;
+	}
+
+ done:
+	failure = 0;
+
+ failure:
+	EVP_CIPHER_CTX_free(ctx);
+
+	return failure;
+}
+
+static int
+evp_pkey_iv_len_test(void)
+{
+	size_t i;
+	int failure = 0;
+
+	for (i = 0; i < N_EVP_IV_LEN_TESTS; i++)
+		failure |= evp_pkey_iv_len_testcase(&evp_iv_len_tests[i]);
+
+	return failure;
+}
+
 int
 main(int argc, char **argv)
 {
@@ -144,6 +411,7 @@ main(int argc, char **argv)
 
 	failed |= evp_asn1_method_test();
 	failed |= evp_pkey_method_test();
+	failed |= evp_pkey_iv_len_test();
 
 	OPENSSL_cleanup();
 

regress/lib/libcrypto/x509/constraints.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: constraints.c,v 1.15 2022/11/28 07:24:03 tb Exp $	*/
+/*	$OpenBSD: constraints.c,v 1.16 2023/09/29 15:53:59 beck Exp $	*/
 /*
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
  *
@@ -154,6 +154,12 @@ unsigned char *invaliduri[] = {
 	"https://.www.openbsd.org/",
 	"https://www.ope|nbsd.org%",
 	"https://www.openbsd.org.#",
+	"https://192.168.1.1./",
+	"https://192.168.1.1|/",
+	"https://.192.168.1.1/",
+	"https://192.168..1.1/",
+	"https://.2001:0DB8:AC10:FE01::/",
+	"https://.2001:0DB8:AC10:FE01::|/",
 	"///",
 	"//",
 	"/",
@@ -161,6 +167,15 @@ unsigned char *invaliduri[] = {
 	NULL,
 };
 
+unsigned char *validuri[] = {
+	"https://www.openbsd.org/meep/meep/meep/",
+	"https://192.168.1.1/",
+	"https://2001:0DB8:AC10:FE01::/",
+	"https://192.168.1/",  /* Not an IP, but valid component */
+	"https://999.999.999.999/", /* Not an IP, but valid component */
+	NULL,
+};
+
 static int
 test_valid_hostnames(void)
 {
@@ -169,7 +184,7 @@ test_valid_hostnames(void)
 	for (i = 0; valid_hostnames[i] != NULL; i++) {
 		CBS cbs;
 		CBS_init(&cbs, valid_hostnames[i], strlen(valid_hostnames[i]));
-		if (!x509_constraints_valid_host(&cbs)) {
+		if (!x509_constraints_valid_host(&cbs, 0)) {
 			FAIL("Valid hostname '%s' rejected\n",
 			    valid_hostnames[i]);
 			failure = 1;
@@ -183,6 +198,7 @@ test_valid_hostnames(void)
 			goto done;
 		}
 	}
+
  done:
 	return failure;
 }
@@ -202,6 +218,7 @@ test_valid_sandns_names(void)
 			goto done;
 		}
 	}
+
  done:
 	return failure;
 }
@@ -221,6 +238,7 @@ test_valid_domain_constraints(void)
 			goto done;
 		}
 	}
+
  done:
 	return failure;
 }
@@ -245,6 +263,7 @@ test_valid_mbox_names(void)
 		free(name.local);
 		name.local = NULL;
 	}
+
  done:
 	return failure;
 }
@@ -259,7 +278,7 @@ test_invalid_hostnames(void)
 	for (i = 0; invalid_hostnames[i] != NULL; i++) {
 		CBS_init(&cbs, invalid_hostnames[i],
 		    strlen(invalid_hostnames[i]));
-		if (x509_constraints_valid_host(&cbs)) {
+		if (x509_constraints_valid_host(&cbs, 0)) {
 			FAIL("Invalid hostname '%s' accepted\n",
 			    invalid_hostnames[i]);
 			failure = 1;
@@ -267,7 +286,7 @@ test_invalid_hostnames(void)
 		}
 	}
 	CBS_init(&cbs, nulhost, strlen(nulhost) + 1);
-	if (x509_constraints_valid_host(&cbs)) {
+	if (x509_constraints_valid_host(&cbs, 0)) {
 		FAIL("hostname with NUL byte accepted\n");
 		failure = 1;
 		goto done;
@@ -278,6 +297,7 @@ test_invalid_hostnames(void)
 		failure = 1;
 		goto done;
 	}
+
  done:
 	return failure;
 }
@@ -297,6 +317,7 @@ test_invalid_sandns_names(void)
 			goto done;
 		}
 	}
+
  done:
 	return failure;
 }
@@ -321,6 +342,7 @@ test_invalid_mbox_names(void)
 		free(name.local);
 		name.local = NULL;
 	}
+
  done:
 	return failure;
 }
@@ -340,6 +362,7 @@ test_invalid_domain_constraints(void)
 			goto done;
 		}
 	}
+
  done:
 	return failure;
 }
@@ -365,6 +388,27 @@ test_invalid_uri(void)
  done:
 	return failure;
 }
+static int
+test_valid_uri(void)
+{
+	int j, failure = 0;
+	char *hostpart = NULL;
+
+	for (j = 0; validuri[j] != NULL; j++) {
+		if (x509_constraints_uri_host(validuri[j],
+		    strlen(invaliduri[j]), &hostpart) == 0) {
+			FAIL("Valid URI '%s' NOT accepted\n",
+			    validuri[j]);
+			failure = 1;
+			goto done;
+		}
+		free(hostpart);
+		hostpart = NULL;
+	}
+
+ done:
+	return failure;
+}
 
 static int
 test_constraints1(void)
@@ -513,6 +557,7 @@ test_constraints1(void)
 		failure = 1;
 		goto done;
 	}
+
  done:
 	return failure;
 }
@@ -531,6 +576,7 @@ main(int argc, char **argv)
 	failed |= test_valid_domain_constraints();
 	failed |= test_invalid_domain_constraints();
 	failed |= test_invalid_uri();
+	failed |= test_valid_uri();
 	failed |= test_constraints1();
 
 	return (failed);

sys/dev/fdt/rkclock.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: rkclock.c,v 1.82 2023/07/09 16:33:49 patrick Exp $	*/
+/*	$OpenBSD: rkclock.c,v 1.83 2023/09/29 15:51:48 kettenis Exp $	*/
 /*
  * Copyright (c) 2017, 2018 Mark Kettenis <kettenis@openbsd.org>
  *
@@ -2952,6 +2952,24 @@ rk3399_enable(void *cookie, uint32_t *cells, int on)
 	}
 
 	switch (idx) {
+	case RK3399_CLK_USB2PHY0_REF:
+		HWRITE4(sc, RK3399_CRU_CLKGATE_CON(6), (5 << 0) << 16);
+		break;
+	case RK3399_CLK_USB2PHY1_REF:
+		HWRITE4(sc, RK3399_CRU_CLKGATE_CON(6), (6 << 0) << 16);
+		break;
+	case RK3399_CLK_UPHY0_TCPDPHY_REF:
+		HWRITE4(sc, RK3399_CRU_CLKGATE_CON(13), (4 << 0) << 16);
+		break;
+	case RK3399_CLK_UPHY0_TCPDCORE:
+		HWRITE4(sc, RK3399_CRU_CLKGATE_CON(13), (5 << 0) << 16);
+		break;
+	case RK3399_CLK_UPHY1_TCPDPHY_REF:
+		HWRITE4(sc, RK3399_CRU_CLKGATE_CON(13), (6 << 0) << 16);
+		break;
+	case RK3399_CLK_UPHY1_TCPDCORE:
+		HWRITE4(sc, RK3399_CRU_CLKGATE_CON(13), (7 << 0) << 16);
+		break;
 	case RK3399_ACLK_GMAC:
 		HWRITE4(sc, RK3399_CRU_CLKGATE_CON(32), (1 << 0) << 16);
 		break;

sys/dev/fdt/rkclock_clocks.h

@@ -187,7 +187,11 @@
 #define RK3399_CLK_MAC_RX		103
 #define RK3399_CLK_MAC_TX		104
 #define RK3399_CLK_MAC			105
+#define RK3399_CLK_USB2PHY0_REF		123
+#define RK3399_CLK_USB2PHY1_REF		124
+#define RK3399_CLK_UPHY0_TCPDPHY_REF	125
 #define RK3399_CLK_UPHY0_TCPDCORE	126
+#define RK3399_CLK_UPHY1_TCPDPHY_REF	127
 #define RK3399_CLK_UPHY1_TCPDCORE	128
 #define RK3399_CLK_USB3OTG0_REF		129
 #define RK3399_CLK_USB3OTG1_REF		130

sys/dev/fdt/rkusbphy.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: rkusbphy.c,v 1.2 2023/04/03 01:21:31 dlg Exp $ */
+/*	$OpenBSD: rkusbphy.c,v 1.4 2023/09/29 17:30:35 kettenis Exp $ */
 
 /*
  * Copyright (c) 2023 David Gwynne <dlg@openbsd.org>

sys/kern/kern_exec.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_exec.c,v 1.250 2023/07/10 03:31:57 guenther Exp $	*/
+/*	$OpenBSD: kern_exec.c,v 1.251 2023/09/29 12:47:34 claudio Exp $	*/
 /*	$NetBSD: kern_exec.c,v 1.75 1996/02/09 18:59:28 christos Exp $	*/
 
 /*-
@@ -284,7 +284,7 @@ sys_execve(struct proc *p, void *v, register_t *retval)
 	}
 
 	/* get other threads to stop */
-	if ((error = single_thread_set(p, SINGLE_UNWIND, 1)))
+	if ((error = single_thread_set(p, SINGLE_UNWIND | SINGLE_DEEP)))
 		return (error);
 
 	/*
@@ -444,7 +444,7 @@ sys_execve(struct proc *p, void *v, register_t *retval)
 	 * we're committed: any further errors will kill the process, so
 	 * kill the other threads now.
 	 */
-	single_thread_set(p, SINGLE_EXIT, 1);
+	single_thread_set(p, SINGLE_EXIT);
 
 	/*
 	 * Prepare vmspace for remapping. Note that uvmspace_exec can replace

sys/kern/kern_exit.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_exit.c,v 1.216 2023/09/21 13:49:25 claudio Exp $	*/
+/*	$OpenBSD: kern_exit.c,v 1.217 2023/09/29 12:47:34 claudio Exp $	*/
 /*	$NetBSD: kern_exit.c,v 1.39 1996/04/22 01:38:25 christos Exp $	*/
 
 /*
@@ -131,7 +131,7 @@ exit1(struct proc *p, int xexit, int xsig, int flags)
 	} else {
 		/* nope, multi-threaded */
 		if (flags == EXIT_NORMAL)
-			single_thread_set(p, SINGLE_EXIT, 1);
+			single_thread_set(p, SINGLE_EXIT);
 		else if (flags == EXIT_THREAD)
 			single_thread_check(p, 0);
 	}

sys/kern/kern_pledge.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.308 2023/09/19 10:43:33 claudio Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.309 2023/09/29 12:47:34 claudio Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -578,9 +578,9 @@ pledge_fail(struct proc *p, int error, uint64_t code)
 	    p->p_p->ps_comm, p->p_p->ps_pid, codes, p->p_pledge_syscall);
 	p->p_p->ps_acflag |= APLEDGE;
 
-	/* Stop threads immediately, because this process is suspect */
+	/* Try to stop threads immediately, because this process is suspect */
 	if (P_HASSIBLING(p))
-		single_thread_set(p, SINGLE_UNWIND, 1);
+		single_thread_set(p, SINGLE_UNWIND | SINGLE_DEEP);
 
 	/* Send uncatchable SIGABRT for coredump */
 	sigabort(p);

sys/kern/kern_sig.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_sig.c,v 1.318 2023/09/19 10:43:33 claudio Exp $	*/
+/*	$OpenBSD: kern_sig.c,v 1.319 2023/09/29 12:47:34 claudio Exp $	*/
 /*	$NetBSD: kern_sig.c,v 1.54 1996/04/22 01:38:32 christos Exp $	*/
 
 /*
@@ -840,7 +840,7 @@ trapsignal(struct proc *p, int signum, u_long trapno, int code,
 		    signum != SIGKILL && (p->p_sigmask & mask) != 0) {
 			int s;
 
-			single_thread_set(p, SINGLE_SUSPEND, 0);
+			single_thread_set(p, SINGLE_SUSPEND | SINGLE_NOWAIT);
 			pr->ps_xsig = signum;
 
 			SCHED_LOCK(s);
@@ -1290,7 +1290,7 @@ cursig(struct proc *p, struct sigctx *sctx)
 		 */
 		if (((pr->ps_flags & (PS_TRACED | PS_PPWAIT)) == PS_TRACED) &&
 		    signum != SIGKILL) {
-			single_thread_set(p, SINGLE_SUSPEND, 0);
+			single_thread_set(p, SINGLE_SUSPEND | SINGLE_NOWAIT);
 			pr->ps_xsig = signum;
 
 			SCHED_LOCK(s);
@@ -1559,7 +1559,7 @@ sigexit(struct proc *p, int signum)
 
 		/* if there are other threads, pause them */
 		if (P_HASSIBLING(p))
-			single_thread_set(p, SINGLE_UNWIND, 1);
+			single_thread_set(p, SINGLE_UNWIND);
 
 		if (coredump(p) == 0)
 			signum |= WCOREFLAG;
@@ -2066,16 +2066,16 @@ single_thread_check(struct proc *p, int deep)
  *  - SINGLE_EXIT: unwind to kernel boundary and exit
  */
 int
-single_thread_set(struct proc *p, enum single_thread_mode mode, int wait)
+single_thread_set(struct proc *p, int flags)
 {
 	struct process *pr = p->p_p;
 	struct proc *q;
-	int error, s;
+	int error, s, mode = flags & SINGLE_MASK;
 
 	KASSERT(curproc == p);
 
 	SCHED_LOCK(s);
-	error = single_thread_check_locked(p, (mode == SINGLE_UNWIND), s);
+	error = single_thread_check_locked(p, flags & SINGLE_DEEP, s);
 	if (error) {
 		SCHED_UNLOCK(s);
 		return error;
@@ -2146,7 +2146,7 @@ single_thread_set(struct proc *p, enum single_thread_mode mode, int wait)
 	}
 	SCHED_UNLOCK(s);
 
-	if (wait)
+	if ((flags & SINGLE_NOWAIT) == 0)
 		single_thread_wait(pr, 1);
 
 	return 0;

sys/net/pfkeyv2.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: pfkeyv2.c,v 1.257 2023/08/07 03:35:06 dlg Exp $ */
+/* $OpenBSD: pfkeyv2.c,v 1.258 2023/09/29 18:40:08 tobhe Exp $ */
 
 /*
  *	@(#)COPYRIGHT	1.1 (NRL) 17 January 1995
@@ -1162,6 +1162,10 @@ pfkeyv2_dosend(struct socket *so, void *message, int len)
 
 	rdomain = kp->kcb_rdomain;
 
+	/* Validate message format */
+	if ((rval = pfkeyv2_parsemessage(message, len, headers)) != 0)
+		goto ret;
+
 	/* If we have any promiscuous listeners, send them a copy of the message */
 	if (promisc) {
 		struct mbuf *packet;
@@ -1208,10 +1212,6 @@ pfkeyv2_dosend(struct socket *so, void *message, int len)
 		freeme_sz = 0;
 	}
 
-	/* Validate message format */
-	if ((rval = pfkeyv2_parsemessage(message, len, headers)) != 0)
-		goto ret;
-
 	/* use specified rdomain */
 	srdomain = (struct sadb_x_rdomain *) headers[SADB_X_EXT_RDOMAIN];
 	if (srdomain) {

sys/net/pfkeyv2_parsemessage.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfkeyv2_parsemessage.c,v 1.61 2023/08/07 03:35:06 dlg Exp $	*/
+/*	$OpenBSD: pfkeyv2_parsemessage.c,v 1.62 2023/09/29 18:45:42 tobhe Exp $	*/
 
 /*
  *	@(#)COPYRIGHT	1.1 (NRL) 17 January 1995
@@ -327,16 +327,8 @@ pfkeyv2_parsemessage(void *p, int len, void **headers)
 	}
 
 	if (sadb_msg->sadb_msg_errno) {
-		if (left) {
-			DPRINTF("too-large error message");
-			return (EINVAL);
-		}
-		return (0);
-	}
-
-	if (sadb_msg->sadb_msg_type == SADB_X_PROMISC) {
-		DPRINTF("message type promiscuous");
-		return (0);
+		DPRINTF("errno set");
+		return (EINVAL);
 	}
 
 	allow = sadb_exts_allowed_in[sadb_msg->sadb_msg_type];

sys/sys/proc.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: proc.h,v 1.351 2023/09/13 14:25:49 claudio Exp $	*/
+/*	$OpenBSD: proc.h,v 1.352 2023/09/29 12:47:34 claudio Exp $	*/
 /*	$NetBSD: proc.h,v 1.44 1996/04/22 01:23:21 christos Exp $	*/
 
 /*-
@@ -571,12 +571,15 @@ refreshcreds(struct proc *p)
 		dorefreshcreds(pr, p);
 }
 
-enum single_thread_mode {
-	SINGLE_SUSPEND,		/* other threads to stop wherever they are */
-	SINGLE_UNWIND,		/* other threads to unwind and stop */
-	SINGLE_EXIT		/* other threads to unwind and then exit */
-};
-int	single_thread_set(struct proc *, enum single_thread_mode, int);
+#define	SINGLE_SUSPEND	0x01	/* other threads to stop wherever they are */
+#define	SINGLE_UNWIND	0x02	/* other threads to unwind and stop */
+#define	SINGLE_EXIT	0x03	/* other threads to unwind and then exit */
+#define	SINGLE_MASK	0x0f
+/* extra flags for single_thread_set */
+#define	SINGLE_DEEP	0x10	/* call is in deep */
+#define	SINGLE_NOWAIT	0x20	/* do not wait for other threads to stop */
+
+int	single_thread_set(struct proc *, int);
 int	single_thread_wait(struct process *, int);
 void	single_thread_clear(struct proc *, int);
 int	single_thread_check(struct proc *, int);

usr.sbin/bgpd/control.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: control.c,v 1.112 2023/08/04 09:20:12 claudio Exp $ */
+/*	$OpenBSD: control.c,v 1.113 2023/09/28 07:01:26 claudio Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -388,14 +388,20 @@ control_dispatch_msg(struct pollfd *pfd, struct peer_head *peers)
 					control_result(c, CTL_RES_OK);
 					break;
 				case IMSG_CTL_NEIGHBOR_DOWN:
-					p->conf.down = 1;
+					neighbor->reason[
+					    sizeof(neighbor->reason) - 1] =
+					    '\0';
 					strlcpy(p->conf.reason,
 					    neighbor->reason,
 					    sizeof(p->conf.reason));
+					p->conf.down = 1;
 					session_stop(p, ERR_CEASE_ADMIN_DOWN);
 					control_result(c, CTL_RES_OK);
 					break;
 				case IMSG_CTL_NEIGHBOR_CLEAR:
+					neighbor->reason[
+					    sizeof(neighbor->reason) - 1] =
+					    '\0';
 					strlcpy(p->conf.reason,
 					    neighbor->reason,
 					    sizeof(p->conf.reason));

usr.sbin/bgpd/version.h

@@ -1,3 +1,3 @@
-/* $OpenBSD: version.h,v 1.12 2023/07/11 15:18:31 claudio Exp $ */
+/* $OpenBSD: version.h,v 1.13 2023/09/28 07:02:50 claudio Exp $ */
 
-#define BGPD_VERSION	"8.1"
+#define BGPD_VERSION	"8.2"

usr.sbin/smtpd/smtpd.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: smtpd.h,v 1.677 2023/06/17 08:32:48 op Exp $	*/
+/*	$OpenBSD: smtpd.h,v 1.678 2023/09/29 18:30:14 op Exp $	*/
 
 /*
  * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -55,7 +55,7 @@
 #define SMTPD_QUEUE_EXPIRY	 (4 * 24 * 60 * 60)
 #define SMTPD_SOCKET		 "/var/run/smtpd.sock"
 #define	SMTPD_NAME		 "OpenSMTPD"
-#define	SMTPD_VERSION		 "7.3.0"
+#define	SMTPD_VERSION		 "7.4.0"
 #define SMTPD_SESSION_TIMEOUT	 300
 #define SMTPD_BACKLOG		 5