CVS: cvs.openbsd.org: src

[Theo Buehler]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/03/23 00:38:01

Modified files:
lib/libcrypto/x509: x509_trs.c 

Log message:
Remove unused flags and arg2 members from X509_TRUST

ok jsing

CVS: cvs.openbsd.org: src

[Theo Buehler]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2024/03/23 00:37:15

Modified files:
lib/libcrypto/x509: x509_trs.c 

Log message:
Remove unused flags argument from the trust handlers

The public X509_check_trust() takes a flag parameter which we must leave
in place. However, we can stop passing the flag parameter around without
ever looking at it.

ok jsing

CVS: cvs.openbsd.org: src

[Job Snijders]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2024/03/22 22:18:56

Modified files:
etc/rpki   : lacnic.constraints 

Log message:
Expand ASN range for LACNIC

LACNIC received a new block of ASNs from IANA
https://mail.lacnic.net/pipermail/lacnog/2024-March/009690.html

OK tb@

CVS: cvs.openbsd.org: src

[Vitaliy Makkoveev]

CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2024/03/22 19:35:57

Modified files:
regress/sys/kern/unixsockets: unixsock_test.c 

Log message:
Fix main() definition.

CVS: cvs.openbsd.org: www

[Jonathan Gray]

CVSROOT:/cvs
Module name:www
Changes by: j...@cvs.openbsd.org2024/03/22 17:58:24

Modified files:
.  : 75.html 

Log message:
arm64 now has cd install media

CVS: cvs.openbsd.org: www

[Jonathan Gray]

CVSROOT:/cvs
Module name:www
Changes by: j...@cvs.openbsd.org2024/03/22 17:43:39

Modified files:
.  : 75.html 

Log message:
add drm changes as requested by benno@

CVS: cvs.openbsd.org: src

[Jan Klemkow]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2024/03/22 15:49:52

Modified files:
regress/sbin/disklabel: 12000.ok 18000.ok 2.ok 30.ok 
4.ok 9.ok 90.ok 
sbin/disklabel : disklabel.8 editor.c 

Log message:
Increase /usr/src partition to 2GB - 5GB

ok miod@, deraadt@, otto@ and bluhm@

CVS: cvs.openbsd.org: src

[Alexander Bluhm]

CVSROOT:/cvs
Module name:src
Changes by: bl...@cvs.openbsd.org   2024/03/22 15:48:38

Modified files:
sys/netinet: in_pcb.c in_pcb.h 

Log message:
Remove padding from union inpaddru.

Alignment of IPv4 address with lower part of IPv6 address looks
like a leftover from times when IPv6 compatible addresses should
contain IPv4 addreses.  Better use a simple union for both IPv4 and
IPv6 addresses like everywhere else.  Use this type also for common
zero address.

OK mvs@

CVS: cvs.openbsd.org: src

[joshua stein]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2024/03/22 13:22:23

Modified files:
usr.bin/patch  : backupfile.c patch.1 patch.c 

Log message:
add "-V none" to prevent making any backups

from FreeBSD

ok bluhm deraadt

CVS: cvs.openbsd.org: src

[Alexander Bluhm]

CVSROOT:/cvs
Module name:src
Changes by: bl...@cvs.openbsd.org   2024/03/22 13:14:28

Modified files:
usr.sbin/lpd   : control.c 

Log message:
Fix chroot(2) call in control process.

Use /var/empty as chroot directory.  Call chroot(2) before setresuid(2).
Do the error check correctly.  Call chdir(2) after chroot(2).

from spiros thanasoulas; with florian@ tb@; OK millert@

CVS: cvs.openbsd.org: src

[Alexander Bluhm]

CVSROOT:/cvs
Module name:src
Changes by: bl...@cvs.openbsd.org   2024/03/22 12:05:01

Modified files:
sys/netinet: in_pcb.c in_pcb.h 
sys/netinet6   : in6_pcb.c 

Log message:
Make local port which is bound during connect(2) unique per laddr.

in_pcbconnect() did not pass down the address it got from in_pcbselsrc()
to in_pcbpickport().  As a consequence local port numbers selected
during connect(2) were globally unique although they belong to
different addresses.  This strict uniqueness is not necessary and
wastes usable ports for outgoing connections.

To solve this, pass ina from in_pcbconnect() to in_pcbbind_locked().
This does not interfere how wildcard sockets are matched with
specific sockets during bind(2).  It only allows non-wildcard sockets
to share a local port during connect(2).

OK mvs@ deraadt@

CVS: cvs.openbsd.org: src

[Vitaliy Makkoveev]

CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2024/03/22 11:34:11

Modified files:
sys/kern   : uipc_socket.c uipc_usrreq.c 
sys/sys: socketvar.h 

Log message:
Use sorflush() instead of direct unp_scan(..., unp_discard) to discard
dead unix(4) sockets.

The difference in direct unp_scan() and sorflush() is the mbuf(9) chain.
For the first case it is still linked to the `so_rcv', for the second it
is not. This is required to make `sb_mtx' mutex(9) the only `so_rcv'
sockbuf protection and remove socket re-locking from the most of
uipc_*send() paths. The unlinked mbuf(9) chain doesn't require any
protection, so this allows to perform sleeping unp_discard() lockless.

Also, the mbuf(9) chain of the discarded socket still contains addresses
of file descriptors and it is much safer to unlink it before FRELE()
them. This is the reason to commit this diff standalone.

ok bluhm

CVS: cvs.openbsd.org: src

[Claudio Jeker]

CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2024/03/22 09:41:34

Modified files:
usr.sbin/bgpd  : bgpd.h logmsg.c rtr_proto.c session.c util.c 

Log message:
Rework the cease shutdown reason to work in both directions by looking
at the ibuf payload passed to log_notification().
Because of this move ibuf_get_string() and the log_notification() call
in parse_notification().
OK tb@

CVS: cvs.openbsd.org: src

[Jonathan Gray]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2024/03/22 06:29:33

Modified files:
share/man/man4/man4.alpha: mem.4 
share/man/man4/man4.amd64: mem.4 
share/man/man4/man4.i386: mem.4 
share/man/man4/man4.landisk: mem.4 
share/man/man4/man4.loongson: mem.4 
share/man/man4/man4.luna88k: mem.4 
share/man/man4/man4.macppc: mem.4 
share/man/man4/man4.sparc64: mem.4 

Log message:
correct history of /dev/mem and /dev/kmem

The history section (added in CSRG) claimed both first appeared in v6.
Looking at the manuals in the TUHS archive, /dev/mem was in v1 and
/dev/kmem was introduced in v5.

ok jan@

CVS: cvs.openbsd.org: www

[Stuart Henderson]

CVSROOT:/cvs
Module name:www
Changes by: st...@cvs.openbsd.org   2024/03/22 05:08:09

Modified files:
.  : 75.html 

Log message:
powerpc64: 8469 packages

CVS: cvs.openbsd.org: src

[Claudio Jeker]

CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2024/03/22 01:19:28

Modified files:
usr.sbin/bgpd  : bgpd.h logmsg.c session.c session.h util.c 

Log message:
Rework parse_notification() to use the ibuf API for everything.

While there fix the RFC5492 handling of ERR_OPEN_CAPA (the current code
has the logic inversed). ERR_OPEN_CAPA is there to signal that a needed
capability is missing in our OPEN message. Just add the handling of
ERR_OPEN_CAPA to log_notification().

Also rework the handling of the shutdown reason and move the printing
into log_notification().

OK tb@

CVS: cvs.openbsd.org: src

[Claudio Jeker]

CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2024/03/22 01:15:04

Modified files:
sys/nfs: nfs_socket.c nfs_syscalls.c 

Log message:
Limit NFS connections to originate from a reserved port.

For TCP connections do the check when adding the socket via nfssvc(2).
For UDP do the check early after soreceive().
On top of this limit the sockets added via nfssvc(2) to IPv4 TCP and UDP
sockets.
OK millert@ deraadt@