CVS: cvs.openbsd.org: www

2012-06-29 Thread Antoine Jacoutot 
CVSROOT:/cvs
Module name:www
Changes by: ajacou...@cvs.openbsd.org   2012/06/29 22:16:06

Modified files:
openbgpd/ru: ftp.html goals.html index.html manual.html 
 papers.html users.html 
opencvs/ru : goals.html index.html manual.html press.html 
openntpd/ru: goals.html index.html manual.html papers.html 
 portable.html 
openssh/ru : features.html ftp.html goals.html history.html 
 index.html java.html list.html macos.html 
 manual.html openbsd.html palmos.html 
 portable.html report.html security.html 
 tshirts.html unix.html users.html windows.html 
ru : anoncvs.html crypto.html ftp.html goals.html 
 hackathons.html index.html mac68k.html 
 mail.html plat.html porting.html report.html 
 security.html smp.html stable.html why-cvs.html 

Log message:
Sync with Steelix CVS

CVS: cvs.openbsd.org: src

2012-06-29 Thread Mike Belopuhov 
CVSROOT:/cvs
Module name:src
Changes by: mi...@cvs.openbsd.org   2012/06/29 18:16:15

Modified files:
sys/net: if_pfsync.c 

Log message:
Fix a number of problems introduced by the link state handling commit:

1) demote by 32 on the first bulk update to prevent failovers w/o having
a full state table;

2) don't do any demotion adjustments on the link up event and undemote
when bulk update finishes (or times out) preventing a race between
nodes getting a link state update asynchronously.

With phessler; tested by phessler and Kapetanakis Giannis.  Thanks!

Looked through by henning and dlg.  Now the correct version.

CVS: cvs.openbsd.org: src

2012-06-29 Thread Mike Belopuhov 
CVSROOT:/cvs
Module name:src
Changes by: mi...@cvs.openbsd.org   2012/06/29 18:14:23

Modified files:
sys/net: if_pfsync.c 

Log message:
backout rev1.185 as it's not what i have intended to commit

CVS: cvs.openbsd.org: src

2012-06-29 Thread Jonathan Matthew 
CVSROOT:/cvs
Module name:src
Changes by: jmatt...@cvs.openbsd.org2012/06/29 16:21:40

Modified files:
sys/dev/pci: ahci.c 

Log message:
fix obvious panic on resume with AHCI_DEBUG enabled

ok dlg@

CVS: cvs.openbsd.org: src

2012-06-29 Thread Jasper Lievisse Adriaanse 
CVSROOT:/cvs
Module name:src
Changes by: jas...@cvs.openbsd.org  2012/06/29 09:17:32

Modified files:
sys/dev/pci: ichiic.c 

Log message:
match on the 7SERIES_SMB

reminded by jsg@

CVS: cvs.openbsd.org: src

2012-06-29 Thread Mike Belopuhov 
CVSROOT:/cvs
Module name:src
Changes by: mi...@cvs.openbsd.org   2012/06/29 09:12:21

Modified files:
sys/net: if_pfsync.c if_pfsync.h 

Log message:
add ESN-related bits missed in the previous commit

CVS: cvs.openbsd.org: src

2012-06-29 Thread Mike Belopuhov 
CVSROOT:/cvs
Module name:src
Changes by: mi...@cvs.openbsd.org   2012/06/29 09:05:49

Modified files:
sbin/iked  : iked.h ikev2.c ikev2.h parse.y pfkey.c 

Log message:
Add missing ESN bits

CVS: cvs.openbsd.org: src

2012-06-29 Thread Mike Belopuhov 
CVSROOT:/cvs
Module name:src
Changes by: mi...@cvs.openbsd.org   2012/06/29 09:01:07

Modified files:
sbin/ipsecctl  : ipsecctl.c ipsecctl.h pfkdump.c 

Log message:
Print esn flag when dumping SAs with ESN enabled

CVS: cvs.openbsd.org: src

2012-06-29 Thread Mike Belopuhov 
CVSROOT:/cvs
Module name:src
Changes by: mi...@cvs.openbsd.org   2012/06/29 08:48:04

Modified files:
sys/crypto : cryptodev.h cryptosoft.c 
sys/net: if_pfsync.h pfkeyv2.h pfkeyv2_convert.c 
 pfkeyv2_parsemessage.c 
sys/netinet: ip_ah.c ip_esp.c ip_ipsp.h 

Log message:
Add support for the Extended (64-bit) Sequence Number as defined
in RFC4302 and RFC4303.  Right now only software crypto engine is
capable of doing it.

Replay check was rewritten to implement algorithm described in the
Appendix A of RFC4303 and the window size was increased to 64.

Tested against OpenBSD, Linux (strongswan) and Windows.

No objection from the usual suspects.

CVS: cvs.openbsd.org: src

2012-06-29 Thread Jasper Lievisse Adriaanse 
CVSROOT:/cvs
Module name:src
Changes by: jas...@cvs.openbsd.org  2012/06/29 08:38:00

Modified files:
sys/dev/pci: pcidevs.h pcidevs_data.h 

Log message:
regen

CVS: cvs.openbsd.org: src

2012-06-29 Thread Jasper Lievisse Adriaanse 
CVSROOT:/cvs
Module name:src
Changes by: jas...@cvs.openbsd.org  2012/06/29 08:37:19

Modified files:
sys/dev/pci: pcidevs 

Log message:
add a bunch of intel 7 series id's for devices found in the thinkpad x230

ok kettenis@

CVS: cvs.openbsd.org: www

2012-06-29 Thread Antoine Jacoutot 
CVSROOT:/cvs
Module name:www
Changes by: ajacou...@cvs.openbsd.org   2012/06/29 08:35:07

Modified files:
de : sgi.html 
faq/de : faq14.html 
faq/nl : faq14.html 
openntpd/ru: ftp.html 

Log message:
Sync with Steelix CVS

CVS: cvs.openbsd.org: src

2012-06-29 Thread Christian Weisgerber 
CVSROOT:/cvs
Module name:src
Changes by: na...@cvs.openbsd.org   2012/06/29 07:57:25

Modified files:
usr.bin/ssh: ssh_config.5 sshd_config.5 

Log message:
match the documented MAC order of preference to the actual one; ok dtucker@

CVS: cvs.openbsd.org: src

2012-06-29 Thread Jason McIntyre 
CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2012/06/29 06:56:21

Modified files:
share/man/man5 : pf.conf.5 

Log message:
tcp/udp mandatory for "user"; from ti zed
ok henning

Re: CVS: cvs.openbsd.org: src

2012-06-29 Thread Christian Weisgerber 
Ted Unangst  wrote:

> > Using the names hmac-sha2-256-96 and hmac-sha2-512-96 is a violation of
> > the spec since that namespace is managed by IANA.  They could be
> > implemented as vendor extensions (hmac-sha2-256...@openssh.com and
> > hmac-sha2-512...@openssh.com).
> 
> Any reason to do so?  Are the truncated hashes particularly
> beneficial? 

Probably not.

You may remember from a number of releases back that we used to
support HMAC-SHA2-256-96 in IPsec after an early draft, but had to
change this to HMAC-SHA2-256-128 to comply with RFC4868 when people
belatedly remembered that the HMAC result shouldn't be truncated
further than half the length of the hash output, as per RFC2104.

Now, that is 15-year-old advice.  In his 2011 overview,
http://www.cs.ucdavis.edu/~rogaway/papers/modes.pdf
Rogaway writes:

  9.7. Truncation. HMAC truncated to t bits is, inevitably, subject
  to an attack that forges with probability q_v/2^t in q_v verification
  attempts; as a consequence, the parameter t should, in most cases,
  be kept fairly large.  Why, then, truncate at all?  One reason for
  allowing MAC truncation is the obvious one, to lessen bandwidth
  or storage costs.  More interestingly, truncation appears to make
  the birthday attack less effective, because internal collisions
  can no longer be identified by collisions in the HMAC outputs.
  A little truncation may thus improve security.  We emphasize,
  however, that while there are proofs that truncation will not
  degrade security by more than the addition of the term that we
  just mentioned, there is no known proof that truncation can improve
  security--not even in the random-oracle model.  We suspect,
  however, that this is more indicative of technical difficulties
  in the proof--or the lack of a really serious effort--than the
  absence of a quantifiable improvement.
  We emphasize that the concrete security loss from truncation
  is "only" the q_v/2^t term that one "must" be for truncation; we
  are not speaking of the more severe drop in security as one sees
  when truncating tags with GMAC (10.6) or GCM (12.6).

-- 
Christian "naddy" Weisgerber  na...@mips.inka.de