CVS: cvs.openbsd.org: src

2024-01-07 Thread Damien Miller 
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2024/01/07 22:11:18

Modified files:
usr.bin/ssh: PROTOCOL.mux 

Log message:
Remove outdated note from PROTOCOL.mux

Port forward close by control master is already implemented
by `mux_master_process_close_fwd` in `mux.c`

GHPR442 from bigb4ng

CVS: cvs.openbsd.org: src

2024-01-07 Thread Damien Miller 
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2024/01/07 22:05:15

Modified files:
usr.bin/ssh: PROTOCOL 

Log message:
fix missing field in users-groups-by...@openssh.com reply documentation

GHPR441 from TJ Saunders

CVS: cvs.openbsd.org: src

2024-01-07 Thread YASUOKA Masahiko 
CVSROOT:/cvs
Module name:src
Changes by: yasu...@cvs.openbsd.org 2024/01/07 21:16:48

Modified files:
usr.sbin/radiusd: radiusd.c radiusd.h radiusd_module.c 
  radiusd_module.h radiusd_standard.c 

Log message:
Pass the request packet to response decorations for future use.
This is required for many cases and will be used future.

CVS: cvs.openbsd.org: src

2024-01-07 Thread Damien Miller 
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2024/01/07 21:10:03

Modified files:
usr.bin/ssh: PROTOCOL 

Log message:
make kex-strict section more explicit about its intent: banning all
messages not strictly required in KEX

CVS: cvs.openbsd.org: src

2024-01-07 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/01/07 20:32:01

Modified files:
lib/libcrypto/x509: x509_trs.c 

Log message:
Fix logic error (&& -> ||)

CID 477172

CVS: cvs.openbsd.org: src

2024-01-07 Thread Damien Miller 
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2024/01/07 17:34:34

Modified files:
usr.bin/ssh: kex.c sshconnect2.c sshd.c 

Log message:
remove ext-info-* in the kex.c code, not in callers; with/ok markus@

CVS: cvs.openbsd.org: src

2024-01-07 Thread Damien Miller 
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2024/01/07 17:30:39

Modified files:
usr.bin/ssh: ssh-add.c 

Log message:
fix typo; spotted by Albert Chin

CVS: cvs.openbsd.org: www

2024-01-07 Thread Stefan Sperling 
CVSROOT:/cvs
Module name:www
Changes by: s...@cvs.openbsd.org2024/01/07 16:36:15

Modified files:
.  : support.html 

Log message:
sync

CVS: cvs.openbsd.org: www

2024-01-07 Thread Stefan Sperling 
CVSROOT:/cvs
Module name:www
Changes by: s...@cvs.openbsd.org2024/01/07 16:36:02

Modified files:
build  : support.dat 

Log message:
update my own support page entry; i am moving my business to brussels

CVS: cvs.openbsd.org: src

2024-01-07 Thread Alexander Bluhm 
CVSROOT:/cvs
Module name:src
Changes by: bl...@cvs.openbsd.org   2024/01/07 14:01:45

Modified files:
sys/dev/pci: if_ixl.c 

Log message:
In ixl(4) attach, initialize mutex before using it.

Function ixl_get_link_status() calls ixl_set_link_status() which
locks sc_link_state_mtx.  Move initilization of mutex before calling
ixl_get_link_status().  This makes witness happy.

Bug reported and fix tested by Hrvoje Popovski; OK miod@

CVS: cvs.openbsd.org: src

2024-01-07 Thread Miod Vallat 
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2024/01/07 13:52:44

Modified files:
sys/kern   : makesyscalls.sh 

Log message:
Error out if one syscall ever takes more than 6 arguments.

This is not necessarily wrong per se, but would need special consideration,
as not all platforms are currently able to process more than six syscall
arguments (and upcoming diffs will rely upon reasonably-sized argument
lists), so better break now and reconsider later if need be.

ok deraadt@

CVS: cvs.openbsd.org: src

2024-01-07 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/01/07 12:59:32

Modified files:
lib/libcrypto  : crypto_init.c 

Log message:
Garbage collect call to X509_TRUST_cleanup()

Since x509_trs.c r1.33, this is a noop.

CVS: cvs.openbsd.org: src

2024-01-07 Thread Scott Soule Cheloha 
CVSROOT:/cvs
Module name:src
Changes by: chel...@cvs.openbsd.org 2024/01/07 12:44:28

Modified files:
lib/libc/thread: synch.h 
lib/librthread : synch.h 

Log message:
libc, librthread: _twait: subtraction is not comparison

Compare the current time with the absolute timeout before computing
the relative timeout to avoid arithmetic overflow.  Fixes a bug where
large negative absolute timeouts are subtracted into large positive
relative timeouts and incorrectly cause the caller to block.

While here, use timespeccmp(3) and timespecsub(3) to simplify the
code.

Thread: https://marc.info/?l=openbsd-tech&m=169945962503129&w=2

CVS: cvs.openbsd.org: src

2024-01-07 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/01/07 11:15:42

Modified files:
lib/libcrypto/x509: x509_vfy.c 

Log message:
Minor cleanup in X509_STORE_CTX_purpose_inherit()

Make a few checks against 0 explicit to reduce noise in an upcoming diff
and tiny KNF tweaks.

CVS: cvs.openbsd.org: src

2024-01-07 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/01/07 09:22:46

Modified files:
lib/libcrypto/x509: x509_purp.c x509_trs.c 

Log message:
purpose/trust: Improve comments about COUNT/MAX confusion

CVS: cvs.openbsd.org: src

2024-01-07 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/01/07 09:18:18

Modified files:
lib/libcrypto/evp: e_rc4_hmac_md5.c 

Log message:
const-correct r4_hmac_md5_cipher

CVS: cvs.openbsd.org: src

2024-01-07 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/01/07 08:42:57

Modified files:
lib/libcrypto/evp: e_null.c e_rc2.c e_rc4.c e_rc4_hmac_md5.c 
   e_xcbc_d.c 

Log message:
Convert the remaining legacy ciphers to C99 initializers

No change in the generated aarch64 assembly apart from line number changes.

ok jsing

CVS: cvs.openbsd.org: src

2024-01-07 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/01/07 08:21:04

Modified files:
lib/libcrypto/evp: evp_cipher.c 

Log message:
Improve EVP_CIPHER_{get,set}_asn1_iv()

Use iv_len for the variables storing the IV length, formerly l and j.
Remove use of the unnecessary variable i and unindent the whole mess.
Some return values are fishy. That will be addressed in subsequent
commits.

ok jsing

CVS: cvs.openbsd.org: src

2024-01-07 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/01/07 07:50:45

Modified files:
lib/libcrypto/x509: x509_trs.c 

Log message:
Remove X509_TRUST extensibility

This is pretty much identical to the X509_PURPOSE case: remove the stack
used for extending and overriding the trust table and make X509_TRUST_add()
always fail. Simplify some other bits accordingly.

ok jsing

CVS: cvs.openbsd.org: xenocara

2024-01-07 Thread Matthieu Herrb 
CVSROOT:/cvs
Module name:xenocara
Changes by: matth...@cvs.openbsd.org2024/01/07 04:11:57

Modified files:
xserver: ChangeLog configure configure.ac meson.build 
xserver/hw/kdrive/ephyr: ephyrinit.c 

Log message:
Update xserver to 21.1.10.

The security fixes have already been committed.

CVS: cvs.openbsd.org: src

2024-01-07 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/01/07 02:48:29

Modified files:
usr.sbin/rpki-client: extern.h 

Log message:
rpki-client: zap a stray space

CVS: cvs.openbsd.org: src

2024-01-07 Thread Theo Buehler 
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/01/07 02:48:03

Modified files:
usr.sbin/rpki-client: validate.c 

Log message:
rpki-client: print revocation time in filemode

If a certificate was revoked, extract the revocation timestamp and
update the warning message in filemode to include it.

ok job