SecBSD
/
src
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sync with OpenBSD -current

This commit is contained in:
purplerain 2024-03-01 22:08:46 +00:00
parent 9bb6d42f92
commit efa57bf0d2
Signed by: purplerain
GPG Key ID: F42C07F07E2E35B7
33 changed files with 279 additions and 223 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
distrib/sets/lists/etc/mi
View File

@ -57,6 +57,7 @@
./root/.login
./root/.profile
./root/.ssh/authorized_keys
./var/account/acct
./var/crash/minfree
./var/cron/at.deny
./var/cron/cron.deny

4
etc/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.487 2023/12/13 11:34:56 job Exp $
# $OpenBSD: Makefile,v 1.488 2024/02/29 22:21:21 bluhm Exp $
.include <bsd.own.mk>
@ -179,6 +179,8 @@ distribution-etc-root-var: distrib-dirs
chown -h root:wheel ${DESTDIR}/etc/localtime
ln -fs /usr/sbin/rmt ${DESTDIR}/etc/rmt
chown -h root:wheel ${DESTDIR}/etc/rmt
${INSTALL} -c -o root -g wheel -m 644 /dev/null \
${DESTDIR}/var/account/acct
${INSTALL} -c -o root -g wheel -m 644 minfree \
${DESTDIR}/var/crash
${INSTALL} -c -o ${BINOWN} -g operator -m 664 /dev/null \

2
etc/skel/dot.version
View File

@ -1 +1 @@
# SecBSD 1.5-de8ea3c: Sat Feb 17 20:41:00 UTC 2024 (Yatagarasu)
# SecBSD 1.5-df5e0c0: Fri Mar 1 20:10:00 UTC 2024 (Yatagarasu)

4
lib/libcrypto/hidden/openssl/asn1.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: asn1.h,v 1.7 2023/11/13 12:46:07 beck Exp $ */
/* $OpenBSD: asn1.h,v 1.8 2024/03/01 07:38:33 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -249,7 +249,5 @@ LCRYPTO_USED(SMIME_text);
LCRYPTO_USED(ERR_load_ASN1_strings);
LCRYPTO_USED(ASN1_time_parse);
LCRYPTO_USED(ASN1_time_tm_cmp);
LCRYPTO_USED(OPENSSL_gmtime);
LCRYPTO_USED(OPENSSL_timegm);
#endif /* _LIBCRYPTO_ASN1_H */

3
lib/libcrypto/hidden/openssl/crypto.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: crypto.h,v 1.2 2023/07/28 10:19:20 tb Exp $ */
/* $OpenBSD: crypto.h,v 1.3 2024/03/01 07:38:33 tb Exp $ */
/*
* Copyright (c) 2023 Bob Beck <beck@openbsd.org>
*
@ -71,6 +71,7 @@ LCRYPTO_USED(OpenSSLDie);
LCRYPTO_USED(OPENSSL_cpu_caps);
LCRYPTO_USED(OPENSSL_init_crypto);
LCRYPTO_USED(OPENSSL_cleanup);
LCRYPTO_USED(OPENSSL_gmtime);
LCRYPTO_USED(ERR_load_CRYPTO_strings);
#endif /* _LIBCRYPTO_CRYPTO_H */

3
regress/lib/libcrypto/asn1/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.27 2024/02/18 16:32:29 tb Exp $
# $OpenBSD: Makefile,v 1.28 2024/02/29 20:03:47 tb Exp $
PROGS = \
asn1api \
@ -25,5 +25,6 @@ CFLAGS+= -I${.CURDIR}/../../../../lib/libcrypto/bytestring
LDADD_asn1basic = ${CRYPTO_INT}
LDADD_asn1object = ${CRYPTO_INT}
LDADD_asn1time = ${CRYPTO_INT}
LDADD_x509_algor = ${CRYPTO_INT}
.include <bsd.regress.mk>

24
regress/lib/libcrypto/asn1/x509_algor.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: x509_algor.c,v 1.6 2023/10/26 08:01:38 tb Exp $ */
/* $OpenBSD: x509_algor.c,v 1.7 2024/02/29 20:03:47 tb Exp $ */
/*
* Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
*
@ -23,7 +23,7 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
int X509_ALGOR_set_evp_md(X509_ALGOR *alg, const EVP_MD *md);
static int
x509_algor_new_test(void)
@ -321,7 +321,7 @@ x509_algor_get0_test(void)
}
static int
x509_algor_set_md_test(void)
x509_algor_set_evp_md_test(void)
{
X509_ALGOR *alg = NULL;
const ASN1_OBJECT *aobj;
@ -331,7 +331,11 @@ x509_algor_set_md_test(void)
if ((alg = X509_ALGOR_new()) == NULL)
errx(1, "%s: X509_ALGOR_new", __func__);
X509_ALGOR_set_md(alg, EVP_sm3());
if (!X509_ALGOR_set_evp_md(alg, EVP_sm3())) {
fprintf(stderr, "%s: X509_ALGOR_set_evp_md to sm3 failed\n",
__func__);
goto failure;
}
X509_ALGOR_get0(&aobj, &ptype, NULL, alg);
if ((nid = OBJ_obj2nid(aobj)) != NID_sm3) {
fprintf(stderr, "%s: sm3 want %d, got %d\n", __func__,
@ -348,15 +352,19 @@ x509_algor_set_md_test(void)
if (!X509_ALGOR_set0(alg, NULL, 0, NULL))
errx(1, "%s: X509_ALGOR_set0", __func__);
X509_ALGOR_set_md(alg, EVP_md5());
if (!X509_ALGOR_set_evp_md(alg, EVP_md5())) {
fprintf(stderr, "%s: X509_ALGOR_set_evp_md to md5 failed\n",
__func__);
goto failure;
}
X509_ALGOR_get0(&aobj, &ptype, NULL, alg);
if ((nid = OBJ_obj2nid(aobj)) != NID_md5) {
fprintf(stderr, "%s: sm3 want %d, got %d\n", __func__,
fprintf(stderr, "%s: md5 want %d, got %d\n", __func__,
NID_sm3, nid);
goto failure;
}
if (ptype != V_ASN1_NULL) {
fprintf(stderr, "%s: sm3 want %d, got %d\n", __func__,
fprintf(stderr, "%s: md5 want %d, got %d\n", __func__,
V_ASN1_NULL, ptype);
goto failure;
}
@ -377,7 +385,7 @@ main(void)
failed |= x509_algor_new_test();
failed |= x509_algor_set0_test();
failed |= x509_algor_get0_test();
failed |= x509_algor_set_md_test();
failed |= x509_algor_set_evp_md_test();
return failed;
}

3
regress/lib/libcrypto/dsa/dsatest.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: dsatest.c,v 1.10 2023/11/19 13:11:05 tb Exp $ */
/* $OpenBSD: dsatest.c,v 1.11 2024/02/29 20:04:43 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -196,7 +196,6 @@ end:
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
ERR_free_strings();
CRYPTO_mem_leaks(bio_err);
BIO_free(bio_err);
bio_err = NULL;

3
regress/lib/libcrypto/ec/ectest.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ectest.c,v 1.22 2023/11/19 13:11:05 tb Exp $ */
/* $OpenBSD: ectest.c,v 1.23 2024/02/29 20:04:43 tb Exp $ */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
@ -769,7 +769,6 @@ main(int argc, char *argv[])
CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
ERR_remove_thread_state(NULL);
CRYPTO_mem_leaks_fp(stderr);
return 0;
}

4
regress/lib/libcrypto/evp/evp_pkey_cleanup.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: evp_pkey_cleanup.c,v 1.4 2024/01/15 15:09:57 tb Exp $ */
/* $OpenBSD: evp_pkey_cleanup.c,v 1.5 2024/02/29 20:02:00 tb Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
@ -34,8 +34,6 @@ int pkey_ids[] = {
EVP_PKEY_DSA,
EVP_PKEY_EC,
EVP_PKEY_ED25519,
EVP_PKEY_GOSTIMIT,
EVP_PKEY_GOSTR01,
EVP_PKEY_HMAC,
EVP_PKEY_RSA,
EVP_PKEY_RSA_PSS,

6
regress/lib/libcrypto/evp/evp_test.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: evp_test.c,v 1.16 2024/01/21 19:08:59 tb Exp $ */
/* $OpenBSD: evp_test.c,v 1.17 2024/02/29 20:02:40 tb Exp $ */
/*
* Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
@ -734,10 +734,6 @@ obj_name_do_all_test(void)
OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, obj_name_cb, &arg);
failure |= arg.failure;
memset(&arg, 0, sizeof(arg));
OBJ_NAME_do_all(OBJ_NAME_TYPE_PKEY_METH, obj_name_cb, &arg);
failure |= arg.failure;
return failure;
}

3
regress/lib/libcrypto/evp/evptest.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: evptest.c,v 1.13 2023/11/19 13:11:06 tb Exp $ */
/* $OpenBSD: evptest.c,v 1.14 2024/02/29 20:04:43 tb Exp $ */
/* Written by Ben Laurie, 2001 */
/*
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
@ -441,7 +441,6 @@ main(int argc, char **argv)
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
ERR_free_strings();
CRYPTO_mem_leaks_fp(stderr);
return 0;
}

4
regress/lib/libcrypto/free/freenull.c.head
View File

@ -1,4 +1,4 @@
/* $OpenBSD: freenull.c.head,v 1.8 2023/11/20 01:20:19 tb Exp $ */
/* $OpenBSD: freenull.c.head,v 1.9 2024/02/29 20:00:53 tb Exp $ */
#include <openssl/asn1.h>
#include <openssl/cmac.h>
@ -7,7 +7,9 @@
#include <openssl/conf_api.h>
#include <openssl/ct.h>
#include <openssl/engine.h>
#ifndef OPENSSL_NO_GOST
#include <openssl/gost.h>
#endif
#include <openssl/hmac.h>
#include <openssl/ocsp.h>
#include <openssl/pkcs12.h>

3
regress/lib/libcrypto/gost/gost2814789t.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: gost2814789t.c,v 1.10 2023/11/19 13:11:06 tb Exp $ */
/* $OpenBSD: gost2814789t.c,v 1.11 2024/02/29 20:06:24 tb Exp $ */
/* vim: set fileencoding=ascii : Charset: ASCII */
/* test/gostr2814789t.c */
/* ====================================================================
@ -9,6 +9,7 @@
* ====================================================================
*/
#include <stdio.h>
#include <openssl/opensslfeatures.h>
#if defined(OPENSSL_NO_GOST)
int main(int argc, char *argv[])

56
regress/lib/libssl/ciphers/cipherstest.c
View File

@ -129,61 +129,6 @@ cipher_find_test(void)
return (ret);
}
static int
cipher_get_by_value_tests(void)
{
STACK_OF(SSL_CIPHER) *ciphers;
const SSL_CIPHER *cipher;
SSL_CTX *ssl_ctx = NULL;
SSL *ssl = NULL;
unsigned long id;
uint16_t value;
int ret = 1;
int i;
if ((ssl_ctx = SSL_CTX_new(SSLv23_method())) == NULL) {
fprintf(stderr, "SSL_CTX_new() returned NULL\n");
goto failure;
}
if ((ssl = SSL_new(ssl_ctx)) == NULL) {
fprintf(stderr, "SSL_new() returned NULL\n");
goto failure;
}
if ((ciphers = SSL_get_ciphers(ssl)) == NULL) {
fprintf(stderr, "no ciphers\n");
goto failure;
}
for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
cipher = sk_SSL_CIPHER_value(ciphers, i);
id = SSL_CIPHER_get_id(cipher);
if (SSL_CIPHER_get_by_id(id) == NULL) {
fprintf(stderr, "SSL_CIPHER_get_by_id() failed "
"for %s (0x%lx)\n", SSL_CIPHER_get_name(cipher),
id);
goto failure;
}
value = SSL_CIPHER_get_value(cipher);
if (SSL_CIPHER_get_by_value(value) == NULL) {
fprintf(stderr, "SSL_CIPHER_get_by_value() failed "
"for %s (0x%04hx)\n", SSL_CIPHER_get_name(cipher),
value);
goto failure;
}
}
ret = 0;
failure:
SSL_CTX_free(ssl_ctx);
SSL_free(ssl);
return (ret);
}
struct parse_ciphersuites_test {
const char *str;
const int want;
@ -522,7 +467,6 @@ main(int argc, char **argv)
failed |= check_cipher_order();
failed |= cipher_find_test();
failed |= cipher_get_by_value_tests();
failed |= parse_ciphersuites_test();
failed |= cipher_set_test();

7
regress/lib/libssl/exporter/exportertest.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: exportertest.c,v 1.3 2023/04/14 14:23:05 tb Exp $ */
/* $OpenBSD: exportertest.c,v 1.4 2024/03/01 03:46:54 tb Exp $ */
/*
* Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
*
@ -534,6 +534,7 @@ exporter_test(size_t test_no, const struct exporter_test *et)
SSL_CTX *ssl_ctx = NULL;
SSL *ssl = NULL;
uint8_t export[256];
unsigned char id[2];
int err, ret;
int failed = 1;
@ -602,7 +603,9 @@ exporter_test(size_t test_no, const struct exporter_test *et)
ssl->s3->hs.state = SSL_ST_OK;
ssl->s3->hs.negotiated_tls_version = et->tls_version;
ssl->s3->hs.cipher = SSL_CIPHER_get_by_id(et->cipher_id);
id[0] = (et->cipher_id >> 8) & 0xff;
id[1] = et->cipher_id & 0xff;
ssl->s3->hs.cipher = SSL_CIPHER_find(ssl, id);
ret = SSL_export_keying_material(ssl, export, et->export_len, et->label,
et->label_len, et->context_value, et->context_value_len,

3
regress/lib/libssl/ssl/ssltest.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssltest.c,v 1.44 2023/11/19 13:12:06 tb Exp $ */
/* $OpenBSD: ssltest.c,v 1.45 2024/03/01 03:45:16 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -763,7 +763,6 @@ end:
ERR_free_strings();
ERR_remove_thread_state(NULL);
EVP_cleanup();
CRYPTO_mem_leaks(bio_err);
BIO_free(bio_err);
exit(ret);

3
regress/sys/kern/nanosleep/Makefile
View File

@ -1,7 +1,8 @@
# $OpenBSD: Makefile,v 1.4 2018/05/22 18:33:41 cheloha Exp $
# $OpenBSD: Makefile,v 1.5 2024/02/29 21:47:02 bluhm Exp $
PROG= nanosleep
SRCS= nanosleep.c
WARNINGS= yes
trivial: nanosleep
./nanosleep -t

172
regress/sys/kern/nanosleep/nanosleep.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: nanosleep.c,v 1.8 2024/02/29 18:17:41 bluhm Exp $ */
/* $OpenBSD: nanosleep.c,v 1.9 2024/02/29 21:47:02 bluhm Exp $ */
/*
* Written by Artur Grabowski <art@openbsd.org> 2002 Public Domain.
*/
@ -50,6 +50,7 @@ main(int argc, char **argv)
break;
case 'S':
ret |= short_time();
break;
default:
fprintf(stderr, "Usage: nanosleep [-itseSE]\n");
exit(1);
@ -67,14 +68,14 @@ sighandler(int signum)
int
trivial(void)
{
struct timespec ts, rts;
struct timespec timeout, remainder;
ts.tv_sec = 0;
ts.tv_nsec = 30000000;
rts.tv_sec = 4711; /* Just add to the confusion */
rts.tv_nsec = 4711;
if (nanosleep(&ts, &rts) < 0) {
warn("trivial: nanosleep");
timeout.tv_sec = 0;
timeout.tv_nsec = 30000000;
remainder.tv_sec = 4711; /* Just add to the confusion */
remainder.tv_nsec = 4711;
if (nanosleep(&timeout, &remainder) < 0) {
warn("%s: nanosleep", __func__);
return 1;
}
@ -83,9 +84,9 @@ trivial(void)
* amount of time we want to sleep.
* If we receive any signal, something is wrong anyway.
*/
if (rts.tv_sec != 0 || rts.tv_nsec != 0) {
warnx("trivial: non-zero time? %lld/%ld", (long long)rts.tv_sec,
rts.tv_nsec);
if (remainder.tv_sec != 0 || remainder.tv_nsec != 0) {
warnx("%s: non-zero time: %lld.%09ld", __func__,
(long long)remainder.tv_sec, remainder.tv_nsec);
return 1;
}
@ -95,7 +96,7 @@ trivial(void)
int
with_signal(void)
{
struct timespec ts, rts;
struct timespec timeout, remainder;
pid_t pid;
int status;
@ -106,29 +107,34 @@ with_signal(void)
switch(fork()) {
case -1:
err(1, "fork");
default:
ts.tv_sec = 1;
ts.tv_nsec = 0;
nanosleep(&ts, NULL);
case 0:
timeout.tv_sec = 1;
timeout.tv_nsec = 0;
nanosleep(&timeout, NULL);
kill(pid, SIGUSR1);
exit(0);
_exit(0);
default:
break;
}
ts.tv_sec = 10;
ts.tv_nsec = 0;
rts.tv_sec = 0;
rts.tv_nsec = 0;
if (nanosleep(&ts, &rts) == 0) {
warnx("with-signal: nanosleep");
timeout.tv_sec = 10;
timeout.tv_nsec = 0;
remainder.tv_sec = 0;
remainder.tv_nsec = 0;
if (nanosleep(&timeout, &remainder) == 0) {
warnx("%s: nanosleep", __func__);
return 1;
}
if (rts.tv_sec == 0 && rts.tv_nsec == 0) {
warnx("with-signal: zero time");
if (remainder.tv_sec == 0 && remainder.tv_nsec == 0) {
warnx("%s: zero time", __func__);
return 1;
}
if (wait(&status) < 0)
err(1, "wait");
if (status != 0)
errx(1, "status");
return 0;
}
@ -136,31 +142,32 @@ with_signal(void)
int
time_elapsed(void)
{
struct timespec ts;
struct timespec stv, etv;
struct timespec timeout;
struct timespec start, end, duration;
ts.tv_sec = 0;
ts.tv_nsec = 500000000;
timeout.tv_sec = 0;
timeout.tv_nsec = 500000000;
if (clock_gettime(CLOCK_MONOTONIC, &stv) < 0) {
warn("clock_gettime");
if (clock_gettime(CLOCK_MONOTONIC, &start) < 0) {
warn("%s: clock_gettime", __func__);
return 1;
}
if (nanosleep(&ts, NULL) < 0) {
warn("nanosleep");
if (nanosleep(&timeout, NULL) < 0) {
warn("%s: nanosleep", __func__);
return 1;
}
if (clock_gettime(CLOCK_MONOTONIC, &etv) < 0) {
warn("clock_gettime");
if (clock_gettime(CLOCK_MONOTONIC, &end) < 0) {
warn("%s: clock_gettime", __func__);
return 1;
}
timespecsub(&etv, &stv, &stv);
timespecsub(&end, &start, &duration);
if (stv.tv_sec == 0 && stv.tv_nsec < 500000000) {
warnx("slept less than 0.5 sec");
if (duration.tv_sec == 0 && duration.tv_nsec < 500000000) {
warnx("%s: slept less than 0.5 sec: %lld.%09ld", __func__,
(long long)duration.tv_sec, duration.tv_nsec);
return 1;
}
@ -170,8 +177,8 @@ time_elapsed(void)
int
time_elapsed_with_signal(void)
{
struct timespec ts, rts;
struct timespec stv, etv;
struct timespec timeout, remainder;
struct timespec start, end, duration;
pid_t pid;
int status;
@ -182,49 +189,52 @@ time_elapsed_with_signal(void)
switch(fork()) {
case -1:
err(1, "fork");
default:
ts.tv_sec = 1;
ts.tv_nsec = 0;
nanosleep(&ts, NULL);
case 0:
timeout.tv_sec = 1;
timeout.tv_nsec = 0;
nanosleep(&timeout, NULL);
kill(pid, SIGUSR1);
exit(0);
_exit(0);
default:
break;
}
ts.tv_sec = 10;
ts.tv_nsec = 0;
rts.tv_sec = 0;
rts.tv_nsec = 0;
if (clock_gettime(CLOCK_MONOTONIC, &stv) < 0) {
warn("clock_gettime");
if (clock_gettime(CLOCK_MONOTONIC, &start) < 0) {
warn("%s: clock_gettime", __func__);
return 1;
}
if (nanosleep(&ts, &rts) == 0) {
warnx("nanosleep");
timeout.tv_sec = 10;
timeout.tv_nsec = 0;
remainder.tv_sec = 0;
remainder.tv_nsec = 0;
if (nanosleep(&timeout, &remainder) == 0) {
warnx("%s: nanosleep", __func__);
return 1;
}
if (clock_gettime(CLOCK_MONOTONIC, &etv) < 0) {
warn("clock_gettime");
if (clock_gettime(CLOCK_MONOTONIC, &end) < 0) {
warn("%s: clock_gettime", __func__);
return 1;
}
timespecsub(&etv, &stv, &stv);
timespecsub(&end, &start, &duration);
timespecadd(&duration, &remainder, &timeout);
/* XXX remainder may be one tick too small */
remainder.tv_sec = 0;
remainder.tv_nsec = 10000000;
timespecadd(&timeout, &remainder, &timeout);
etv.tv_sec = rts.tv_sec;
etv.tv_nsec = rts.tv_nsec;
timespecadd(&etv, &stv, &stv);
if (stv.tv_sec < 10) {
warnx("slept time + leftover time < 10 sec");
if (timeout.tv_sec < 10) {
warnx("%s: slept time + leftover time < 10 sec: %lld.%09ld",
__func__, (long long)timeout.tv_sec, timeout.tv_nsec);
return 1;
}
if (wait(&status) < 0)
err(1, "wait");
if (status != 0)
errx(1, "status");
return 0;
}
@ -232,7 +242,7 @@ time_elapsed_with_signal(void)
int
short_time(void)
{
struct timespec ts, rts;
struct timespec timeout;
pid_t pid;
int status;
@ -243,24 +253,28 @@ short_time(void)
switch(fork()) {
case -1:
err(1, "fork");
default:
case 0:
/* Sleep two seconds, then shoot parent. */
ts.tv_sec = 2;
ts.tv_nsec = 0;
nanosleep(&ts, NULL);
timeout.tv_sec = 2;
timeout.tv_nsec = 0;
nanosleep(&timeout, NULL);
kill(pid, SIGUSR1);
exit(0);
_exit(0);
default:
break;
}
ts.tv_sec = 0;
ts.tv_nsec = 1;
if (nanosleep(&ts, NULL) <= 0) {
warn("short_time: nanosleep");
timeout.tv_sec = 0;
timeout.tv_nsec = 1;
if (nanosleep(&timeout, NULL) < 0) {
warn("%s: nanosleep", __func__);
return 1;
}
if (wait(&status) < 0)
err(1, "wait");
if (status != 0)
errx(1, "status");
return 0;
}
@ -268,14 +282,14 @@ short_time(void)
int
invalid_time(void)
{
struct timespec ts[3] = { {-1, 0}, {0, -1}, {0, 1000000000L} };
struct timespec timeout[3] = { {-1, 0}, {0, -1}, {0, 1000000000L} };
int i, status;
for (i = 0; i < 3; i++) {
status = nanosleep(&ts[i], NULL);
status = nanosleep(&timeout[i], NULL);
if (status != -1 || errno != EINVAL) {
warnx("invalid-time: nanosleep %lld %ld",
(long long)ts[i].tv_sec, ts[i].tv_nsec);
warnx("%s: nanosleep %lld %ld", __func__,
(long long)timeout[i].tv_sec, timeout[i].tv_nsec);
return 1;
}
}

6
sbin/fdisk/cmd.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: cmd.c,v 1.179 2023/11/18 15:42:09 krw Exp $ */
/* $OpenBSD: cmd.c,v 1.180 2024/03/01 17:48:03 krw Exp $ */
/*
* Copyright (c) 1997 Tobias Weingartner
@ -294,6 +294,7 @@ Xedit(const char *args, struct mbr *mbr)
int
gsetpid(const int pn)
{
int32_t is_nil;
uint32_t status;
GPT_print_parthdr(TERSE);
@ -305,8 +306,9 @@ gsetpid(const int pn)
return -1;
}
is_nil = uuid_is_nil(&gp[pn].gp_type, NULL);
gp[pn].gp_type = *ask_uuid(&gp[pn].gp_type);
if (PRT_protected_uuid(&gp[pn].gp_type)) {
if (PRT_protected_uuid(&gp[pn].gp_type) && is_nil == 0) {
printf("can't change partition type to %s\n",
PRT_uuid_to_desc(&gp[pn].gp_type));
return -1;

30
sys/arch/arm64/arm64/cpu.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: cpu.c,v 1.106 2024/02/28 00:53:16 jsg Exp $ */
/* $OpenBSD: cpu.c,v 1.107 2024/03/01 15:57:43 kettenis Exp $ */
/*
* Copyright (c) 2016 Dale Rahn <drahn@dalerahn.com>
@ -266,6 +266,13 @@ void cpu_opp_kstat_attach(struct cpu_info *ci);
void
cpu_identify(struct cpu_info *ci)
{
static uint64_t prev_id_aa64isar0;
static uint64_t prev_id_aa64isar1;
static uint64_t prev_id_aa64isar2;
static uint64_t prev_id_aa64mmfr0;
static uint64_t prev_id_aa64mmfr1;
static uint64_t prev_id_aa64pfr0;
static uint64_t prev_id_aa64pfr1;
uint64_t midr, impl, part;
uint64_t clidr, id;
uint32_t ctr, ccsidr, sets, ways, line;
@ -482,6 +489,19 @@ cpu_identify(struct cpu_info *ci)
if (impl == CPU_IMPL_APPLE)
ci->ci_serror = cpu_serror_apple;
/*
* Skip printing CPU features if they are identical to the
* previous CPU.
*/
if (READ_SPECIALREG(id_aa64isar0_el1) == prev_id_aa64isar0 &&
READ_SPECIALREG(id_aa64isar1_el1) == prev_id_aa64isar1 &&
READ_SPECIALREG(id_aa64isar2_el1) == prev_id_aa64isar2 &&
READ_SPECIALREG(id_aa64mmfr0_el1) == prev_id_aa64mmfr0 &&
READ_SPECIALREG(id_aa64mmfr1_el1) == prev_id_aa64mmfr1 &&
READ_SPECIALREG(id_aa64pfr0_el1) == prev_id_aa64pfr0 &&
READ_SPECIALREG(id_aa64pfr1_el1) == prev_id_aa64pfr1)
return;
/*
* Print CPU features encoded in the ID registers.
*/
@ -787,6 +807,14 @@ cpu_identify(struct cpu_info *ci)
sep = ",";
}
prev_id_aa64isar0 = READ_SPECIALREG(id_aa64isar0_el1);
prev_id_aa64isar1 = READ_SPECIALREG(id_aa64isar1_el1);
prev_id_aa64isar2 = READ_SPECIALREG(id_aa64isar2_el1);
prev_id_aa64mmfr0 = READ_SPECIALREG(id_aa64mmfr0_el1);
prev_id_aa64mmfr1 = READ_SPECIALREG(id_aa64mmfr1_el1);
prev_id_aa64pfr0 = READ_SPECIALREG(id_aa64pfr0_el1);
prev_id_aa64pfr1 = READ_SPECIALREG(id_aa64pfr1_el1);
#ifdef CPU_DEBUG
id = READ_SPECIALREG(id_aa64afr0_el1);
printf("\nID_AA64AFR0_EL1: 0x%016llx", id);

1
sys/dev/pci/drm/i915/i915_pci.c
View File

@ -771,6 +771,7 @@ static const struct intel_device_info xehpsdv_info = {
static const struct intel_device_info dg2_info = {
DG2_FEATURES,
.require_force_probe = 1,
};
static const struct intel_device_info ats_m_info = {

3
sys/dev/pci/if_vmx.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: if_vmx.c,v 1.81 2024/02/15 13:24:45 jan Exp $ */
/* $OpenBSD: if_vmx.c,v 1.82 2024/02/29 22:09:33 jan Exp $ */
/*
* Copyright (c) 2013 Tsubai Masanari
@ -18,6 +18,7 @@
#include "bpfilter.h"
#include "kstat.h"
#include "vlan.h"
#include <sys/param.h>
#include <sys/device.h>

7
sys/dev/pci/pcidevs
View File

@ -1,4 +1,4 @@
$OpenBSD: pcidevs,v 1.2064 2024/02/29 10:09:54 jsg Exp $
$OpenBSD: pcidevs,v 1.2065 2024/03/01 08:34:42 jsg Exp $
/* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */
/*
@ -8537,6 +8537,7 @@ product QUMRANET VIO1_NET 0x1041 Virtio 1.x Network
product QUMRANET VIO1_BLOCK 0x1042 Virtio 1.x Storage
product QUMRANET VIO1_CONS 0x1043 Virtio 1.x Console
product QUMRANET VIO1_RNG 0x1044 Virtio 1.x RNG
product QUMRANET VIO1_MEM 0x1045 Virtio 1.x Memory Balloon
product QUMRANET VIO1_SCSI 0x1048 Virtio 1.x SCSI
product QUMRANET VIO1_GPU 0x1050 Virtio 1.x GPU
product QUMRANET VIO1_INPUT 0x1052 Virtio 1.x Input
@ -8702,6 +8703,10 @@ product REDHAT SERIAL2 0x0003 Qemu Serial 2x
product REDHAT SERIAL4 0x0004 Qemu Serial 4x
product REDHAT SDMMC 0x0007 SD/MMC
product REDHAT HB 0x0008 Host
product REDHAT PCIE 0x000c PCIE
product REDHAT XHCI 0x000d xHCI
product REDHAT PCI 0x000e PCI
product REDHAT NVME 0x0010 NVMe
product REDHAT QXL 0x0100 QXL Video
/* Rendition products */

7
sys/dev/pci/pcidevs.h
View File

@ -2,7 +2,7 @@
* THIS FILE AUTOMATICALLY GENERATED. DO NOT EDIT.
*
* generated from:
* OpenBSD: pcidevs,v 1.2064 2024/02/29 10:09:54 jsg Exp
* OpenBSD: pcidevs,v 1.2065 2024/03/01 08:34:42 jsg Exp
*/
/* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */
@ -8542,6 +8542,7 @@
#define PCI_PRODUCT_QUMRANET_VIO1_BLOCK 0x1042 /* Virtio 1.x Storage */
#define PCI_PRODUCT_QUMRANET_VIO1_CONS 0x1043 /* Virtio 1.x Console */
#define PCI_PRODUCT_QUMRANET_VIO1_RNG 0x1044 /* Virtio 1.x RNG */
#define PCI_PRODUCT_QUMRANET_VIO1_MEM 0x1045 /* Virtio 1.x Memory Balloon */
#define PCI_PRODUCT_QUMRANET_VIO1_SCSI 0x1048 /* Virtio 1.x SCSI */
#define PCI_PRODUCT_QUMRANET_VIO1_GPU 0x1050 /* Virtio 1.x GPU */
#define PCI_PRODUCT_QUMRANET_VIO1_INPUT 0x1052 /* Virtio 1.x Input */
@ -8707,6 +8708,10 @@
#define PCI_PRODUCT_REDHAT_SERIAL4 0x0004 /* Qemu Serial 4x */
#define PCI_PRODUCT_REDHAT_SDMMC 0x0007 /* SD/MMC */
#define PCI_PRODUCT_REDHAT_HB 0x0008 /* Host */
#define PCI_PRODUCT_REDHAT_PCIE 0x000c /* PCIE */
#define PCI_PRODUCT_REDHAT_XHCI 0x000d /* xHCI */
#define PCI_PRODUCT_REDHAT_PCI 0x000e /* PCI */
#define PCI_PRODUCT_REDHAT_NVME 0x0010 /* NVMe */
#define PCI_PRODUCT_REDHAT_QXL 0x0100 /* QXL Video */
/* Rendition products */

22
sys/dev/pci/pcidevs_data.h
View File

@ -2,7 +2,7 @@
* THIS FILE AUTOMATICALLY GENERATED. DO NOT EDIT.
*
* generated from:
* OpenBSD: pcidevs,v 1.2064 2024/02/29 10:09:54 jsg Exp
* OpenBSD: pcidevs,v 1.2065 2024/03/01 08:34:42 jsg Exp
*/
/* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */
@ -30763,6 +30763,10 @@ static const struct pci_known_product pci_known_products[] = {
PCI_VENDOR_QUMRANET, PCI_PRODUCT_QUMRANET_VIO1_RNG,
"Virtio 1.x RNG",
},
{
PCI_VENDOR_QUMRANET, PCI_PRODUCT_QUMRANET_VIO1_MEM,
"Virtio 1.x Memory Balloon",
},
{
PCI_VENDOR_QUMRANET, PCI_PRODUCT_QUMRANET_VIO1_SCSI,
"Virtio 1.x SCSI",
@ -31383,6 +31387,22 @@ static const struct pci_known_product pci_known_products[] = {
PCI_VENDOR_REDHAT, PCI_PRODUCT_REDHAT_HB,
"Host",
},
{
PCI_VENDOR_REDHAT, PCI_PRODUCT_REDHAT_PCIE,
"PCIE",
},
{
PCI_VENDOR_REDHAT, PCI_PRODUCT_REDHAT_XHCI,
"xHCI",
},
{
PCI_VENDOR_REDHAT, PCI_PRODUCT_REDHAT_PCI,
"PCI",
},
{
PCI_VENDOR_REDHAT, PCI_PRODUCT_REDHAT_NVME,
"NVMe",
},
{
PCI_VENDOR_REDHAT, PCI_PRODUCT_REDHAT_QXL,
"QXL Video",

4
sys/kern/uipc_syscalls.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: uipc_syscalls.c,v 1.217 2024/02/03 22:50:09 mvs Exp $ */
/* $OpenBSD: uipc_syscalls.c,v 1.218 2024/03/01 14:15:01 bluhm Exp $ */
/* $NetBSD: uipc_syscalls.c,v 1.19 1996/02/09 19:00:48 christos Exp $ */
/*
@ -1560,12 +1560,12 @@ sys_ypconnect(struct proc *p, void *v, register_t *retval)
if (p->p_p->ps_flags & PS_CHROOT)
return EACCES;
KERNEL_LOCK();
name = pool_get(&namei_pool, PR_WAITOK);
snprintf(name, MAXPATHLEN, "/var/yp/binding/%s.2", domainname);
NDINIT(&nid, 0, NOFOLLOW|LOCKLEAF|KERNELPATH, UIO_SYSSPACE, name, p);
nid.ni_pledge = PLEDGE_RPATH;
KERNEL_LOCK();
error = namei(&nid);
pool_put(&namei_pool, name);
if (error)

4
usr.sbin/bgpd/version.h
View File

@ -1,3 +1,3 @@
/* $OpenBSD: version.h,v 1.14 2023/10/11 06:30:10 claudio Exp $ */
/* $OpenBSD: version.h,v 1.15 2024/03/01 16:23:37 claudio Exp $ */
#define BGPD_VERSION "8.3"
#define BGPD_VERSION "8.4"

31
usr.sbin/rpki-client/main.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: main.c,v 1.252 2024/02/26 15:40:33 job Exp $ */
/* $OpenBSD: main.c,v 1.254 2024/03/01 09:36:55 job Exp $ */
/*
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@ -72,6 +72,7 @@ int filemode;
int shortlistmode;
int rrdpon = 1;
int repo_timeout;
int experimental;
time_t deadline;
/* 9999-12-31 23:59:59 UTC */
@ -671,7 +672,8 @@ entity_process(struct ibuf *b, struct stats *st, struct vrp_tree *tree,
case RTYPE_SPL:
io_read_buf(b, &c, sizeof(c));
if (c == 0) {
repo_stat_inc(rp, talid, type, STYPE_FAIL);
if (experimental)
repo_stat_inc(rp, talid, type, STYPE_FAIL);
break;
}
spl = spl_read(b);
@ -895,9 +897,9 @@ load_shortlist(const char *fqdn)
static void
check_fs_size(int fd, const char *cachedir)
{
struct statvfs fs;
const long long minsize = 500 * 1024 * 1024;
const long long minnode = 300 * 1000;
struct statvfs fs;
unsigned long long minsize = 500 * 1024 * 1024;
unsigned long long minnode = 300 * 1000;
if (fstatvfs(fd, &fs) == -1)
err(1, "statfs %s", cachedir);
@ -907,13 +909,13 @@ check_fs_size(int fd, const char *cachedir)
fprintf(stderr, "WARNING: rpki-client may need more than "
"the available disk space\n"
"on the file-system holding %s.\n", cachedir);
fprintf(stderr, "available space: %lldkB, "
"suggested minimum %lldkB\n",
(long long)fs.f_bavail * fs.f_frsize / 1024,
fprintf(stderr, "available space: %llukB, "
"suggested minimum %llukB\n",
(unsigned long long)fs.f_bavail * fs.f_frsize / 1024,
minsize / 1024);
fprintf(stderr, "available inodes %lld, "
"suggested minimum %lld\n\n",
(long long)fs.f_favail, minnode);
fprintf(stderr, "available inodes: %llu, "
"suggested minimum: %llu\n\n",
(unsigned long long)fs.f_favail, minnode);
fflush(stderr);
}
}
@ -998,7 +1000,7 @@ main(int argc, char *argv[])
"proc exec unveil", NULL) == -1)
err(1, "pledge");
while ((c = getopt(argc, argv, "Ab:Bcd:e:fH:jmnoP:rRs:S:t:T:vV")) != -1)
while ((c = getopt(argc, argv, "Ab:Bcd:e:fH:jmnoP:rRs:S:t:T:vVx")) != -1)
switch (c) {
case 'A':
excludeaspa = 1;
@ -1076,6 +1078,9 @@ main(int argc, char *argv[])
case 'V':
fprintf(stderr, "rpki-client %s\n", RPKI_VERSION);
return 0;
case 'x':
experimental = 1;
break;
default:
goto usage;
}
@ -1509,7 +1514,7 @@ main(int argc, char *argv[])
usage:
fprintf(stderr,
"usage: rpki-client [-ABcjmnoRrVv] [-b sourceaddr] [-d cachedir]"
"usage: rpki-client [-ABcjmnoRrVvx] [-b sourceaddr] [-d cachedir]"
" [-e rsync_prog]\n"
" [-H fqdn] [-P epoch] [-S skiplist] [-s timeout]"
" [-T table]\n"

49
usr.sbin/rpki-client/output-json.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: output-json.c,v 1.44 2024/02/26 15:40:33 job Exp $ */
/* $OpenBSD: output-json.c,v 1.46 2024/03/01 08:10:09 tb Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
*
@ -23,6 +23,8 @@
#include "extern.h"
#include "json.h"
extern int experimental;
static void
outputheader_json(struct stats *st)
{
@ -113,6 +115,31 @@ output_aspa(struct vap_tree *vaps)
json_do_end();
}
static void
output_spl(struct vsp_tree *vsps)
{
struct vsp *vsp;
char buf[64];
size_t i;
json_do_array("signedprefixlists");
RB_FOREACH(vsp, vsp_tree, vsps) {
json_do_object("vsp", 1);
json_do_int("origin_as", vsp->asid);
json_do_array("prefixes");
for (i = 0; i < vsp->prefixesz; i++) {
ip_addr_print(&vsp->prefixes[i].prefix,
vsp->prefixes[i].afi, buf, sizeof(buf));
json_do_string("prefix", buf);
}
json_do_end();
json_do_int("expires", vsp->expires);
json_do_string("ta", taldescs[vsp->talid]);
json_do_end();
}
json_do_end();
}
int
output_json(FILE *out, struct vrp_tree *vrps, struct brk_tree *brks,
struct vap_tree *vaps, struct vsp_tree *vsps, struct stats *st)
@ -120,8 +147,6 @@ output_json(FILE *out, struct vrp_tree *vrps, struct brk_tree *brks,
char buf[64];
struct vrp *v;
struct brk *b;
struct vsp *vsp;
size_t i;
json_do_start(out);
outputheader_json(st);
@ -155,22 +180,8 @@ output_json(FILE *out, struct vrp_tree *vrps, struct brk_tree *brks,
if (!excludeaspa)
output_aspa(vaps);
json_do_array("signedprefixlists");
RB_FOREACH(vsp, vsp_tree, vsps) {
json_do_object("vsp", 1);
json_do_int("origin_as", vsp->asid);
json_do_array("prefixes");
for (i = 0; i < vsp->prefixesz; i++) {
ip_addr_print(&vsp->prefixes[i].prefix,
vsp->prefixes[i].afi, buf, sizeof(buf));
json_do_string("prefix", buf);
}
json_do_end();
json_do_int("expires", vsp->expires);
json_do_string("ta", taldescs[vsp->talid]);
json_do_end();
}
json_do_end();
if (experimental)
output_spl(vsps);
return json_do_finish();
}

16
usr.sbin/rpki-client/parser.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: parser.c,v 1.129 2024/02/22 12:49:42 job Exp $ */
/* $OpenBSD: parser.c,v 1.130 2024/03/01 08:10:09 tb Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@ -39,6 +39,8 @@
#include "extern.h"
extern int noop;
extern int experimental;
extern int verbose;
static X509_STORE_CTX *ctx;
static struct auth_tree auths = RB_INITIALIZER(&auths);
@ -861,9 +863,15 @@ parse_entity(struct entityq *q, struct msgbuf *msgq)
case RTYPE_SPL:
file = parse_load_file(entp, &f, &flen);
io_str_buffer(b, file);
spl = proc_parser_spl(file, f, flen, entp);
if (spl != NULL)
mtime = spl->signtime;
if (experimental) {
spl = proc_parser_spl(file, f, flen, entp);
if (spl != NULL)
mtime = spl->signtime;
} else {
if (verbose > 0)
warnx("%s: skipped", file);
spl = NULL;
}
io_simple_buffer(b, &mtime, sizeof(mtime));
c = (spl != NULL);
io_simple_buffer(b, &c, sizeof(int));

10
usr.sbin/rpki-client/rpki-client.8
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: rpki-client.8,v 1.102 2024/02/22 17:54:08 tb Exp $
.\" $OpenBSD: rpki-client.8,v 1.103 2024/03/01 08:10:09 tb Exp $
.\"
.\" Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
.\"
@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: February 22 2024 $
.Dd $Mdocdate: March 1 2024 $
.Dt RPKI-CLIENT 8
.Os
.Sh NAME
@ -22,7 +22,7 @@
.Nd RPKI validator to support BGP routing security
.Sh SYNOPSIS
.Nm
.Op Fl ABcjmnoRrVv
.Op Fl ABcjmnoRrVvx
.Op Fl b Ar sourceaddr
.Op Fl d Ar cachedir
.Op Fl e Ar rsync_prog
@ -231,6 +231,10 @@ If
.Fl f
is given, specify once to print more information about the encapsulated X.509
certificate, twice to print the certificate in PEM format.
.It Fl x
Enable processing of experimental file formats.
This option is implied by
.Fl f .
.It Ar outputdir
The directory where
.Nm

4
usr.sbin/rpki-client/version.h
View File

@ -1,3 +1,3 @@
/* $OpenBSD: version.h,v 1.21 2024/02/09 13:49:41 job Exp $ */
/* $OpenBSD: version.h,v 1.22 2024/03/01 16:27:34 tb Exp $ */
#define RPKI_VERSION "8.9"
#define RPKI_VERSION "9.0"