IABSD.fr/src/usr.sbin

Branch :


Log

Author Commit Date CI Message
4837ede3 2023-07-22 03:46:09 match AMD x86 CPUs in fw_update(8) ok deraadt@
3be5e12f 2023-07-20 17:56:37 fix esoteric error message in case PackageName parses stuff to a bogus fullpkgname, as seen by Matthias Schmidt
f9000f25 2023-07-20 11:10:03 Use sizeof(destination) not sizeof(source) in strlcpy() calls. OK tb@
58874dc7 2023-07-20 05:18:31 Do not set O_EXCL on open() when a published file is on the withdraw list. If during the process of applying RRDP deltas a object is published then withdrawn and later published again the current code fails. This is because published elements use O_EXCL in open() but in the case above the previous file is still around since withdraws are delayed. Problem noticed by job@ OK tb@
4a0be80e 2023-07-19 21:49:30 Rename ASPA providers field in filemode fine with me @tb
8787d0be 2023-07-19 21:26:02 Fix skipping of white space after the username in /etc/crontab. Only a single white space character was consumed, we should be consuming all white space between fields. This change makes things consistent with how lines without a username are parsed. OK deraadt@ sthen@
73492e0c 2023-07-18 13:06:33 Do not duplicate prototypes of log.h in ypldap.h (without the extra __format__ attribute on top). Also properly ignore SIGHUP in the child processes. OK jmatthew@
27f65520 2023-07-16 09:23:33 relayd: remove ENGINE dependency What is achieved here through ENGINE can be done in a much simpler way by setting the default RSA implementation. Drop a number of indirections that only add a bit of logging. This removes a lot of boiler plate and shows where the actual magic happens more clearly. ok op tobhe
80149ef1 2023-07-15 18:32:21 vmd(8): fix use of qcow base images. The vm process was prematurely setting device fds to not close-on-exec and then trying to close(2) them after the fork(2) of the device process. This caused a reuse of an fd for one of the socketpair(2)'s for communication between vm and device. Having device processes close(2) other device fds after fork would break the socketpair, causing the device to fail during startup post-exec when trying to receive its device state from the parent vm process. Instead, mark the fds to not close on exec post-fork(2) call allowing other device fds to be closed automatically and avoid closing by the tracked fd. Reported by solene@. OK tb@.
e3ef2697 2023-07-14 10:30:53 Cleanup mrt message handling. Remove the DUMP_XYZ() macros and replace them with direct calls to for example ibuf_add_n16(). Further cleanup the error handling and use goto fail in most places. Remove many of the error messages and combine all the possible ibuf errors in one place. For this remove most warnings from internal functions (also mark all internal helper functions with static to make that more obvious). There are still some cases where an error will result in to warnings but those errors are unreachable in normal operations. OK tb@
9a583470 2023-07-14 07:09:00 Do not ignore the AF_LINK entries of carp(4) interfaces. OK kn@
2272e586 2023-07-13 18:31:59 vmd(8): pull validation into local prefix parser. Validation for local prefixes, both inet and inet6, was scattered around. To make it even more confusing, vmd was using generic address parsing logic from prior network daemons. vmd doesn't need to parse addresses other than when parsing the local prefix settings in vm.conf and no runtime parsing is needed. This change merges parsing and validation based on vmd's specific needs for local prefixes (e.g. reserving enough bits for vm id and network interface id encoding in an ipv4 address). In addition, it simplifies the struct from a generic address struct to one focused on just storing the v4 and v6 prefixes and masks. This cleans up an unused TAILQ struct member that isn't used by vmd and was leftover copy-pasta from those prior daemons. The address parsing that vmd uses is also updated to using the latest logic in bgpd(8). ok mlarkin@
ac73c284 2023-07-13 13:54:27 Check input before trying to disable a non-existing daemon to prevent parsing bogus characters and outputing hell on the console. based on an initial submission from Anthony Coulter, thanks!
66b1afa0 2023-07-12 14:45:42 Update OpenBGPD to use new ibuf API. This replaces the old way of using a static buffer and a len to build UPDATEs with a pure ibuf solution. The result is much cleaner and a lot of almost duplicate code can be removed because often a version for ibufs and one for this static buffer was implemented (e.g. for mrt or bgpctl). With and OK tb@
ebfb0322 2023-07-12 12:37:27 Work around use after free in httpd(8) A malformed HTTP request can cause httpd in fastcgi mode to crash due to a use-after-free. This is an awful hack, but it's good enough until someone figures out the correct way of dealing with server_close() here. "this will do the trick for now" claudio ok beck deraadt
099ef0af 2023-07-12 12:31:28 In rde_attr_parse() if an attribute causes a parse error which results in a treat-as-withdraw consume the full attribute by updating plen else the parser will fail parsing a possible next element which results in a session reset. Initial report by Ben Cox (ben at benjojo.co.uk) OK tb@
ed3431f4 2023-07-11 16:40:22 drop engine support diff originally by tb@, tweaked to apply after the useless logging methods removal. ok tb
3f1e3a05 2023-07-11 16:39:41 remove the useless logging methods Instead of wrapping all the methods of the RSA and ECDSA ENGINE, duplicate the default and override only the ones that are actually needed for the privsep crypto engine. part of a larger diff that's ok tb@
03a80038 2023-07-11 15:18:31 Bump version for -portable release
4dc25303 2023-07-10 12:02:37 Update outdated comment
51ecec67 2023-07-07 14:52:00 swap link-auth filter arguments Fields which can contain a '|' character are kept last to avoid ambiguities so move result before username; link-auth was likely forgot in r1.61 of lka_filter.c when the same treatment was applied to other events. Discovered after a report on -portable due to filter-rspamd crashing. ok millert@
c0c90351 2023-07-05 18:45:14 It isn't portable to use stderr (or std{in,out}) in file-scope initializers as they are not required to be compile-time constants. So, intialize these global variables at the top of main(). ok miod@ deraadt@ yasuoka@ millert@
a56012de 2023-07-05 01:21:51 fw_update is in section 8 not 1
e3e7f107 2023-07-04 14:41:26 use local assignment to $ENV{TZ} like we do for signal handlers
7d408401 2023-07-04 14:08:30 stop saying the format is "simple" there are so many annotations. "straightforward" is a better description at this point.
a1268d5a 2023-07-04 14:03:16 add some more fluff to documentation
37f14c44 2023-07-04 14:00:18 explain why NO_TS_IN_PLIST exists
cbecba2f 2023-07-04 13:58:01 fix some very minor syntactic nits
5877e940 2023-07-04 02:56:11 a little knf, no functional change
4567bf82 2023-07-03 19:12:08 record when pkg_add is actually doing something. details of rc code to be set in stone later (currently as an option)
de2fb8e9 2023-07-03 17:01:59 also make things 5.36 if not used
8bc5e3a3 2023-07-03 11:51:27 Use new ibuf API. Use ibuf_data() and ibuf_size() instead of direct struct access and use ibuf_set_n16() to update the length field. OK tb@
7551d11f 2023-07-03 10:34:31 Use ibuf_data() and ibuf_size() instead of accessing struct ibuf. OK tb@
aa2e6c71 2023-07-03 10:34:08 Use ibuf_data() and ibuf_size() instead of accessing struct ibuf. OK tb@
bf2cf305 2023-07-03 09:51:38 Use ibuf_data() instead of direct access to ibuf->buf, use ibuf_size() instead of direct access to ibuf->wpos, use ibuf_left() in places where the code checks if there is enough space left in the ibuf. OK tb@
a50d52cb 2023-07-03 09:40:47 Use ibuf_data() instead of directly accessing ibuf->buf. OK tb@
bce5c5dd 2023-07-03 09:38:08 Use ibuf_data() instead of accessing ibuf->buf directly. OK tb@
d4fb4f4d 2023-07-03 08:32:20 when shutting down a vm, handle the VM id in the same way as a VM name argument ok dv@
9cb26fd5 2023-07-02 13:33:10 lost silence_children behavior by accident add a hook to compute the exit_code in more fun ways
fed5be9e 2023-06-30 13:31:37 sepcific -> specific ok claudio@
e32ac0fb 2023-06-30 12:16:00 let check_table() also print table@anchor when it exits unexpectedly via call to fatal() OK claudio@
3efee2e1 2023-06-29 19:38:49 Update to nsd 4.7.0 OK tb
1577142d 2023-06-29 16:24:53 Spaces vs tabs from florian@
137f9002 2023-06-29 16:11:02 Rewrite pfe_route() to actually work on 64bit archs since IPv6 had to be special. One can not define a struct for the route message since there is different padding between 32 and 64 bit systems for struct sockaddr_in6. Instead do what all other daemons do and use struct sockaddr_storage, iovec and writev. Problem reported by Joerg Streckfuss (streckfuss at dfn-cert.de) OK tb@
74a82ef4 2023-06-29 14:33:35 rpki-client: fix vap_pas stats A small mistake in a diff broke the counters. Make them AFI agnostic and adjust ometric output. guidance & ok claudio
019c44ef 2023-06-29 14:09:42 In rrdp_session_save() stop the loop over deltas once MAX_RRDP_DELTAS have been processed. With and OK tb@
c0528901 2023-06-29 10:28:25 Retire log.c Convert all cryptowarnx() and cryptoerrx() to appropriate versions of warn() and err{,x}(). Neither users nor developers benefit from them. If we need better errors, we need to do some thinking. libcrypto won't do that for us. suggested by claudio ok job
b179db0e 2023-06-29 10:22:37 There no longer is a need to wrap the (now AFI-agnostic) ASPA providers in objects in filemode OK claudio@
6d67d0ff 2023-06-28 17:36:09 drop needless strcspn in the header parsing like done in ftp' fetch.c revision 1.216. ok tb
a2bb66a3 2023-06-28 17:24:20 The warning noise due to the ASPA transition is just that: noise. Switch to warnx() instead of cryptowarnx() for now. ok job
8b82f7f0 2023-06-27 22:31:27 Inform fw_update(8) about qcpas(4) pattern. ok kettenis@
ab34c090 2023-06-27 14:17:00 Make it possible to store the kstack or ustack in a map (as value, not key). Additionally fix the bacmp() function to work on integers and strings. bacmp() is used when maps are printed out since the output is sorted by value. Also adjust the rule parser to look into correctly into if branches to figure out which values to request from the kernel. OK kn@
3fc75573 2023-06-27 14:13:33 Document the map specific functions (count, max, min, sum) in their own part of the bt.5 man page. Input and OK kn@
044a957b 2023-06-27 11:11:46 remove allupdates marker, it was only used by the short-lived "@option explicit-update" flavor of firmware circa 2013. pkg_add hasn't needed to know about this since basically forever
4b5fc138 2023-06-26 18:39:53 Decode and validate ASPA objects following the v1 syntax Through draft-ietf-sidrops-aspa-profile-15, the ASPA profile was made AFI-agnostic. This represents a simplification for both operators and implementers in both the RPKI and BGP layers of the stack. This update changes the JSON structure. No effort was made to simultaneously support ASPA v0 and v1 objects. OK tb@ claudio@
6e5fef78 2023-06-26 14:07:19 Start using the new ibuf API in eigrpd. One ibuf_seek() still left since the change is not trivial and I don't have a eigrp testbed. OK tb@
d2e51e44 2023-06-26 10:28:12 Improve the conn_err() bufferevent error callback. To better report errors. OK kn@
35f7e862 2023-06-26 10:08:56 Update and refactor dvrmpd to use the new ibu API. Do the checksum calculation in send_packet() instead of doing it all over the place. This way the fixup only happens in one place. OK tb@
97028011 2023-06-25 08:08:03 remove ssl_init() it's a noop; nowadays both LibreSSL and OpenSSL libcrypto and libssl initialize themselves automatically before doing anything. noticed by jsing, ok tb
4958adbc 2023-06-25 08:07:38 remove ssl_init() it's a noop; nowadays both LibreSSL and OpenSSL libcrypto and libssl initialize themselves automatically before doing anything. ok tb
de9327fe 2023-06-24 04:15:14 Remove a pair of parens and make one check more consistent with the others
acb58307 2023-06-23 20:05:30 Fix warning about empty ipAddressesOrRanges Committed from an older tree.
fbe04ea1 2023-06-23 18:32:28 smtpd: allow arguments on NOOP per RFC3521 ยง 4.1.1.9 the NOOP command allows optionally one argument that SHOULD be ignored. For semplicity, relax it to allow anything after it. Original diff by Sebastian J. Bronner, GitHub PR 1150, tweaked by me to add smtp_check_noop(). Gilles agrees, ok millert@
8435fb8d 2023-06-23 15:32:15 Use consistent idiom for X509_get_ext_d2i() X509_get_ext_d2i() is special. A NULL return value can be either a success or a failure scenario: an extension may legitimately be absent. However, to find out whether it was absent or an error ocurred, you need to pass in &crit, a pointer to an int. Its purpose is to indicate whether the extension was marked critical or not. If the return value was NULL, crit becomes an error indicator: crit == -1 means the extension was not found. This can be an error or fine depending on the extension. Handle this accordingly. In particular for basic constraints, if they are missing or non-critical, this is an error. If crit == -2 then multiple extensions with the same OID as the nid requested are present. this means the cert is non-conformant to RFC 5280. If crit >= 0, then something weird happened. Either memory allocation failed or the extension could not be parsed. It is not easily possible to tell which. In short, if crit != -1, drop the cert on the floor like a hot potato. Add warnings where possible. For x509_any_inherits() this needs some more work, but that will be done in a different diff another day. ok job
b268327a 2023-06-23 11:36:24 Improve detection of RRDP session desynchronization According to RFC 8182, a given session_id and serial number represent an immutable record of the state of the Repository Server at a certain point in time. Add a check to the RRDP notification file processing to compare whether the delta hashes associated to previously seen serials are different in newly fetched notification files. Fall back to a snapshot if a difference is detected, because such a mutation is a strong desynchronization indicator. Idea from Ties de Kock (RIPE NCC). Based on a diff by job@ With and OK job@ tb@
76281e49 2023-06-23 07:40:28 rpki-client: check for duplicate certificate extensions RFC 5280 disallows multiple extensions with the same OID. Since libcrypto does not check that currently, do this by hand. This only deals with CA certs for now, EE certs could do that similarly. Found with BBN test corpora ok job
26660650 2023-06-23 07:26:21 rpki-client: disallow empty sets of IP Addresses or AS numbers RFC 3779 doesn't say anything about empty lists of IP addresses and AS numbers. Of course the RFC 3779 code in libcrypto implements a check for empty lists for AS numbers but fails to do so for IP addresses... While RFC 6487 is explicit about disallowing empty lists of IP addresses, it is not explicit about disallowing empty ipAddressesOrRanges, but that seems to be the intent. Found with BBN test corpora ok job
eaa1bd4e 2023-06-22 10:38:27 Use new ibu API, switch from ibuf_seek() to ibuf_set(). Also use ibuf_data() and ibuf_size(). OK tb@
26fc0cbc 2023-06-22 09:08:02 KNF
c28564e7 2023-06-22 09:07:04 KNF
bba303a8 2023-06-21 17:59:24 clear errno before strtoull as it may already be set to ERANGE noticed and ok millert@
56ac5201 2023-06-21 17:56:26 avoid truncation of filtered data lines Don't copy in a buffer the filter' output for parsing as we may truncate filter-dataline (i.e. the mail body). Instead, parse the string by advancing the pointer without copying or modifications. Issue reported by Joachim Schneider on the OpenSMTPD-portable repository. ok millert@
dd3b9a80 2023-06-21 09:47:03 add "fib reload" support to ospf6d/ospf6ctl, and trigger it automatically on a timeout after RTM_DESYNC (i.e. route socket overflow). ported across from ospfd. fixes/ok claudio@ (it's much harder to overflow the routing socket buffer these days since it was bumped to 2MB, but still happens occasionally on a busy machine).
4b0d3762 2023-06-21 07:54:54 Simplify and clean up the code. Try to use more ibuf idioms but the mix of types used in these functions make this rather hard. The expected data checks are still not great but a step in the right direction. OK tb@
b5355054 2023-06-21 07:49:24 Convert string2binary() to use new ibuf api instead of working with an extra buffer first. OK tb@
297c3ba2 2023-06-21 07:45:47 Update ospf6d to use new ibuf api. This mostly moves away from memcpy(ibuf_seek(buf, off, size), data, size) to ibuf_set(buf, off, data, size). Also ibuf_reserve() is replaced with ibuf_add_zero(). OK tb@
92bc477a 2023-06-21 07:44:08 Remove extra newlines
43e70bb4 2023-06-20 15:19:55 Update ospfd to use new ibuf api. This mostly moves away from memcpy(ibuf_seek(buf, off, size), data, size) to ibuf_set(buf, off, data, size). Also ibuf_reserve() is replaced with ibuf_add_zero(). OK tb@
cf954fff 2023-06-20 15:15:14 Use new ibuf API in rpki-client. Use ibuf_fd_get/set/avail in the file descriptor passing code. Switch some ibuf_seek() calls to ibuf_set() and use ibuf_add_zero() instead of ibuf_reserve(). OK tb@ job@
a67807ea 2023-06-20 14:50:05 tweak fragment handling error messages a bit don't pass parameters we don't need
660fcdef 2023-06-20 12:48:32 Ensure CRLs carry the correct version OK tb@
b454bae8 2023-06-20 12:39:50 Add compliance checks for the version, KU, and EKU of TAK/MFT/GBR EE certs OK tb@
138af1eb 2023-06-20 12:28:08 Ensure the X.509 version is V3 OK tb@
49409ac0 2023-06-20 11:06:47 Be explicit when SIA is without rsync accessLocation OK tb@
f69b700d 2023-06-20 09:54:57 Replace a ibuf_reserve() dance to add a NUL byte with ibuf_add_zero(buf, 1). Same thing but far less nasty. OK tb@
77251745 2023-06-20 02:46:18 Fix diagnostic values emitted in warnx OK tb@
e723f960 2023-06-18 19:08:52 remove ca_verify_cb(). was initially used for debugging, then the logging went away but the no-op callback remained. noticed by tb@
05eca6a7 2023-06-18 17:28:42 sync imsg_to_str() with the list of imsg types in smtpd.h ok millert@
9cc98913 2023-06-18 11:45:11 relax absolute path requirement for configtest (-n) ok dv@
8615c063 2023-06-18 11:43:49 smtpd: switch ECDSA_METHOD usage to EC_KEY_METHOD smtpd and the bits it needs in libtls are the only consumer left of ECDSA_METHOD, which is long deprecated. This paves the way for the removal in libcrypto. The diff is from gilles' work on OpenSMTPD-portable, with minor changes by me. ok tb@, jsing@
d7569e25 2023-06-17 15:35:08 "d" is the key character for DVI files, not "r"; from lennart jablonka ok millert
8c6e4223 2023-06-17 08:32:48 bump version to 7.3.0
41c70dd7 2023-06-17 08:05:48 Fix 'ext-community * *' matching and with this set { ext-community delete * * }. Problem reported by Moyaze Shivji OK tb@ job@
1bce4d34 2023-06-17 04:46:11 Warn when CMS signing-time attribute is missing OK tb@
54e1723e 2023-06-16 16:14:34 Convert two K&R function definitions to ANSI ok deraadt
7068cea4 2023-06-16 10:38:29 locator object owns a state object, no need to pass it as param also better method name
f723c71d 2023-06-16 10:29:35 belated move to OO
f6c952a4 2023-06-16 10:08:17 no extra params there, to be revisited
c112ffb6 2023-06-16 06:44:14 fix default parm, noticed by aja@ on clean-old-distfiles
793984b2 2023-06-14 09:59:09 GC remnants of pipe support, long gone. Display an error message for non found packages, in addition to setting the exit code.