Branch :
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
| 4837ede3 | 2023-07-22 03:46:09 | match AMD x86 CPUs in fw_update(8) ok deraadt@ | ||
| 3be5e12f | 2023-07-20 17:56:37 | fix esoteric error message in case PackageName parses stuff to a bogus fullpkgname, as seen by Matthias Schmidt | ||
| f9000f25 | 2023-07-20 11:10:03 | Use sizeof(destination) not sizeof(source) in strlcpy() calls. OK tb@ | ||
| 58874dc7 | 2023-07-20 05:18:31 | Do not set O_EXCL on open() when a published file is on the withdraw list. If during the process of applying RRDP deltas a object is published then withdrawn and later published again the current code fails. This is because published elements use O_EXCL in open() but in the case above the previous file is still around since withdraws are delayed. Problem noticed by job@ OK tb@ | ||
| 4a0be80e | 2023-07-19 21:49:30 | Rename ASPA providers field in filemode fine with me @tb | ||
| 8787d0be | 2023-07-19 21:26:02 | Fix skipping of white space after the username in /etc/crontab. Only a single white space character was consumed, we should be consuming all white space between fields. This change makes things consistent with how lines without a username are parsed. OK deraadt@ sthen@ | ||
| 73492e0c | 2023-07-18 13:06:33 | Do not duplicate prototypes of log.h in ypldap.h (without the extra __format__ attribute on top). Also properly ignore SIGHUP in the child processes. OK jmatthew@ | ||
| 27f65520 | 2023-07-16 09:23:33 | relayd: remove ENGINE dependency What is achieved here through ENGINE can be done in a much simpler way by setting the default RSA implementation. Drop a number of indirections that only add a bit of logging. This removes a lot of boiler plate and shows where the actual magic happens more clearly. ok op tobhe | ||
| 80149ef1 | 2023-07-15 18:32:21 | vmd(8): fix use of qcow base images. The vm process was prematurely setting device fds to not close-on-exec and then trying to close(2) them after the fork(2) of the device process. This caused a reuse of an fd for one of the socketpair(2)'s for communication between vm and device. Having device processes close(2) other device fds after fork would break the socketpair, causing the device to fail during startup post-exec when trying to receive its device state from the parent vm process. Instead, mark the fds to not close on exec post-fork(2) call allowing other device fds to be closed automatically and avoid closing by the tracked fd. Reported by solene@. OK tb@. | ||
| e3ef2697 | 2023-07-14 10:30:53 | Cleanup mrt message handling. Remove the DUMP_XYZ() macros and replace them with direct calls to for example ibuf_add_n16(). Further cleanup the error handling and use goto fail in most places. Remove many of the error messages and combine all the possible ibuf errors in one place. For this remove most warnings from internal functions (also mark all internal helper functions with static to make that more obvious). There are still some cases where an error will result in to warnings but those errors are unreachable in normal operations. OK tb@ | ||
| 9a583470 | 2023-07-14 07:09:00 | Do not ignore the AF_LINK entries of carp(4) interfaces. OK kn@ | ||
| 2272e586 | 2023-07-13 18:31:59 | vmd(8): pull validation into local prefix parser. Validation for local prefixes, both inet and inet6, was scattered around. To make it even more confusing, vmd was using generic address parsing logic from prior network daemons. vmd doesn't need to parse addresses other than when parsing the local prefix settings in vm.conf and no runtime parsing is needed. This change merges parsing and validation based on vmd's specific needs for local prefixes (e.g. reserving enough bits for vm id and network interface id encoding in an ipv4 address). In addition, it simplifies the struct from a generic address struct to one focused on just storing the v4 and v6 prefixes and masks. This cleans up an unused TAILQ struct member that isn't used by vmd and was leftover copy-pasta from those prior daemons. The address parsing that vmd uses is also updated to using the latest logic in bgpd(8). ok mlarkin@ | ||
| ac73c284 | 2023-07-13 13:54:27 | Check input before trying to disable a non-existing daemon to prevent parsing bogus characters and outputing hell on the console. based on an initial submission from Anthony Coulter, thanks! | ||
| 66b1afa0 | 2023-07-12 14:45:42 | Update OpenBGPD to use new ibuf API. This replaces the old way of using a static buffer and a len to build UPDATEs with a pure ibuf solution. The result is much cleaner and a lot of almost duplicate code can be removed because often a version for ibufs and one for this static buffer was implemented (e.g. for mrt or bgpctl). With and OK tb@ | ||
| ebfb0322 | 2023-07-12 12:37:27 | Work around use after free in httpd(8) A malformed HTTP request can cause httpd in fastcgi mode to crash due to a use-after-free. This is an awful hack, but it's good enough until someone figures out the correct way of dealing with server_close() here. "this will do the trick for now" claudio ok beck deraadt | ||
| 099ef0af | 2023-07-12 12:31:28 | In rde_attr_parse() if an attribute causes a parse error which results in a treat-as-withdraw consume the full attribute by updating plen else the parser will fail parsing a possible next element which results in a session reset. Initial report by Ben Cox (ben at benjojo.co.uk) OK tb@ | ||
| ed3431f4 | 2023-07-11 16:40:22 | drop engine support diff originally by tb@, tweaked to apply after the useless logging methods removal. ok tb | ||
| 3f1e3a05 | 2023-07-11 16:39:41 | remove the useless logging methods Instead of wrapping all the methods of the RSA and ECDSA ENGINE, duplicate the default and override only the ones that are actually needed for the privsep crypto engine. part of a larger diff that's ok tb@ | ||
| 03a80038 | 2023-07-11 15:18:31 | Bump version for -portable release | ||
| 4dc25303 | 2023-07-10 12:02:37 | Update outdated comment | ||
| 51ecec67 | 2023-07-07 14:52:00 | swap link-auth filter arguments Fields which can contain a '|' character are kept last to avoid ambiguities so move result before username; link-auth was likely forgot in r1.61 of lka_filter.c when the same treatment was applied to other events. Discovered after a report on -portable due to filter-rspamd crashing. ok millert@ | ||
| c0c90351 | 2023-07-05 18:45:14 | It isn't portable to use stderr (or std{in,out}) in file-scope initializers as they are not required to be compile-time constants. So, intialize these global variables at the top of main(). ok miod@ deraadt@ yasuoka@ millert@ | ||
| a56012de | 2023-07-05 01:21:51 | fw_update is in section 8 not 1 | ||
| e3e7f107 | 2023-07-04 14:41:26 | use local assignment to $ENV{TZ} like we do for signal handlers | ||
| 7d408401 | 2023-07-04 14:08:30 | stop saying the format is "simple" there are so many annotations. "straightforward" is a better description at this point. | ||
| a1268d5a | 2023-07-04 14:03:16 | add some more fluff to documentation | ||
| 37f14c44 | 2023-07-04 14:00:18 | explain why NO_TS_IN_PLIST exists | ||
| cbecba2f | 2023-07-04 13:58:01 | fix some very minor syntactic nits | ||
| 5877e940 | 2023-07-04 02:56:11 | a little knf, no functional change | ||
| 4567bf82 | 2023-07-03 19:12:08 | record when pkg_add is actually doing something. details of rc code to be set in stone later (currently as an option) | ||
| de2fb8e9 | 2023-07-03 17:01:59 | also make things 5.36 if not used | ||
| 8bc5e3a3 | 2023-07-03 11:51:27 | Use new ibuf API. Use ibuf_data() and ibuf_size() instead of direct struct access and use ibuf_set_n16() to update the length field. OK tb@ | ||
| 7551d11f | 2023-07-03 10:34:31 | Use ibuf_data() and ibuf_size() instead of accessing struct ibuf. OK tb@ | ||
| aa2e6c71 | 2023-07-03 10:34:08 | Use ibuf_data() and ibuf_size() instead of accessing struct ibuf. OK tb@ | ||
| bf2cf305 | 2023-07-03 09:51:38 | Use ibuf_data() instead of direct access to ibuf->buf, use ibuf_size() instead of direct access to ibuf->wpos, use ibuf_left() in places where the code checks if there is enough space left in the ibuf. OK tb@ | ||
| a50d52cb | 2023-07-03 09:40:47 | Use ibuf_data() instead of directly accessing ibuf->buf. OK tb@ | ||
| bce5c5dd | 2023-07-03 09:38:08 | Use ibuf_data() instead of accessing ibuf->buf directly. OK tb@ | ||
| d4fb4f4d | 2023-07-03 08:32:20 | when shutting down a vm, handle the VM id in the same way as a VM name argument ok dv@ | ||
| 9cb26fd5 | 2023-07-02 13:33:10 | lost silence_children behavior by accident add a hook to compute the exit_code in more fun ways | ||
| fed5be9e | 2023-06-30 13:31:37 | sepcific -> specific ok claudio@ | ||
| e32ac0fb | 2023-06-30 12:16:00 | let check_table() also print table@anchor when it exits unexpectedly via call to fatal() OK claudio@ | ||
| 3efee2e1 | 2023-06-29 19:38:49 | Update to nsd 4.7.0 OK tb | ||
| 1577142d | 2023-06-29 16:24:53 | Spaces vs tabs from florian@ | ||
| 137f9002 | 2023-06-29 16:11:02 | Rewrite pfe_route() to actually work on 64bit archs since IPv6 had to be special. One can not define a struct for the route message since there is different padding between 32 and 64 bit systems for struct sockaddr_in6. Instead do what all other daemons do and use struct sockaddr_storage, iovec and writev. Problem reported by Joerg Streckfuss (streckfuss at dfn-cert.de) OK tb@ | ||
| 74a82ef4 | 2023-06-29 14:33:35 | rpki-client: fix vap_pas stats A small mistake in a diff broke the counters. Make them AFI agnostic and adjust ometric output. guidance & ok claudio | ||
| 019c44ef | 2023-06-29 14:09:42 | In rrdp_session_save() stop the loop over deltas once MAX_RRDP_DELTAS have been processed. With and OK tb@ | ||
| c0528901 | 2023-06-29 10:28:25 | Retire log.c Convert all cryptowarnx() and cryptoerrx() to appropriate versions of warn() and err{,x}(). Neither users nor developers benefit from them. If we need better errors, we need to do some thinking. libcrypto won't do that for us. suggested by claudio ok job | ||
| b179db0e | 2023-06-29 10:22:37 | There no longer is a need to wrap the (now AFI-agnostic) ASPA providers in objects in filemode OK claudio@ | ||
| 6d67d0ff | 2023-06-28 17:36:09 | drop needless strcspn in the header parsing like done in ftp' fetch.c revision 1.216. ok tb | ||
| a2bb66a3 | 2023-06-28 17:24:20 | The warning noise due to the ASPA transition is just that: noise. Switch to warnx() instead of cryptowarnx() for now. ok job | ||
| 8b82f7f0 | 2023-06-27 22:31:27 | Inform fw_update(8) about qcpas(4) pattern. ok kettenis@ | ||
| ab34c090 | 2023-06-27 14:17:00 | Make it possible to store the kstack or ustack in a map (as value, not key). Additionally fix the bacmp() function to work on integers and strings. bacmp() is used when maps are printed out since the output is sorted by value. Also adjust the rule parser to look into correctly into if branches to figure out which values to request from the kernel. OK kn@ | ||
| 3fc75573 | 2023-06-27 14:13:33 | Document the map specific functions (count, max, min, sum) in their own part of the bt.5 man page. Input and OK kn@ | ||
| 044a957b | 2023-06-27 11:11:46 | remove allupdates marker, it was only used by the short-lived "@option explicit-update" flavor of firmware circa 2013. pkg_add hasn't needed to know about this since basically forever | ||
| 4b5fc138 | 2023-06-26 18:39:53 | Decode and validate ASPA objects following the v1 syntax Through draft-ietf-sidrops-aspa-profile-15, the ASPA profile was made AFI-agnostic. This represents a simplification for both operators and implementers in both the RPKI and BGP layers of the stack. This update changes the JSON structure. No effort was made to simultaneously support ASPA v0 and v1 objects. OK tb@ claudio@ | ||
| 6e5fef78 | 2023-06-26 14:07:19 | Start using the new ibuf API in eigrpd. One ibuf_seek() still left since the change is not trivial and I don't have a eigrp testbed. OK tb@ | ||
| d2e51e44 | 2023-06-26 10:28:12 | Improve the conn_err() bufferevent error callback. To better report errors. OK kn@ | ||
| 35f7e862 | 2023-06-26 10:08:56 | Update and refactor dvrmpd to use the new ibu API. Do the checksum calculation in send_packet() instead of doing it all over the place. This way the fixup only happens in one place. OK tb@ | ||
| 97028011 | 2023-06-25 08:08:03 | remove ssl_init() it's a noop; nowadays both LibreSSL and OpenSSL libcrypto and libssl initialize themselves automatically before doing anything. noticed by jsing, ok tb | ||
| 4958adbc | 2023-06-25 08:07:38 | remove ssl_init() it's a noop; nowadays both LibreSSL and OpenSSL libcrypto and libssl initialize themselves automatically before doing anything. ok tb | ||
| de9327fe | 2023-06-24 04:15:14 | Remove a pair of parens and make one check more consistent with the others | ||
| acb58307 | 2023-06-23 20:05:30 | Fix warning about empty ipAddressesOrRanges Committed from an older tree. | ||
| fbe04ea1 | 2023-06-23 18:32:28 | smtpd: allow arguments on NOOP per RFC3521 ยง 4.1.1.9 the NOOP command allows optionally one argument that SHOULD be ignored. For semplicity, relax it to allow anything after it. Original diff by Sebastian J. Bronner, GitHub PR 1150, tweaked by me to add smtp_check_noop(). Gilles agrees, ok millert@ | ||
| 8435fb8d | 2023-06-23 15:32:15 | Use consistent idiom for X509_get_ext_d2i() X509_get_ext_d2i() is special. A NULL return value can be either a success or a failure scenario: an extension may legitimately be absent. However, to find out whether it was absent or an error ocurred, you need to pass in &crit, a pointer to an int. Its purpose is to indicate whether the extension was marked critical or not. If the return value was NULL, crit becomes an error indicator: crit == -1 means the extension was not found. This can be an error or fine depending on the extension. Handle this accordingly. In particular for basic constraints, if they are missing or non-critical, this is an error. If crit == -2 then multiple extensions with the same OID as the nid requested are present. this means the cert is non-conformant to RFC 5280. If crit >= 0, then something weird happened. Either memory allocation failed or the extension could not be parsed. It is not easily possible to tell which. In short, if crit != -1, drop the cert on the floor like a hot potato. Add warnings where possible. For x509_any_inherits() this needs some more work, but that will be done in a different diff another day. ok job | ||
| b268327a | 2023-06-23 11:36:24 | Improve detection of RRDP session desynchronization According to RFC 8182, a given session_id and serial number represent an immutable record of the state of the Repository Server at a certain point in time. Add a check to the RRDP notification file processing to compare whether the delta hashes associated to previously seen serials are different in newly fetched notification files. Fall back to a snapshot if a difference is detected, because such a mutation is a strong desynchronization indicator. Idea from Ties de Kock (RIPE NCC). Based on a diff by job@ With and OK job@ tb@ | ||
| 76281e49 | 2023-06-23 07:40:28 | rpki-client: check for duplicate certificate extensions RFC 5280 disallows multiple extensions with the same OID. Since libcrypto does not check that currently, do this by hand. This only deals with CA certs for now, EE certs could do that similarly. Found with BBN test corpora ok job | ||
| 26660650 | 2023-06-23 07:26:21 | rpki-client: disallow empty sets of IP Addresses or AS numbers RFC 3779 doesn't say anything about empty lists of IP addresses and AS numbers. Of course the RFC 3779 code in libcrypto implements a check for empty lists for AS numbers but fails to do so for IP addresses... While RFC 6487 is explicit about disallowing empty lists of IP addresses, it is not explicit about disallowing empty ipAddressesOrRanges, but that seems to be the intent. Found with BBN test corpora ok job | ||
| eaa1bd4e | 2023-06-22 10:38:27 | Use new ibu API, switch from ibuf_seek() to ibuf_set(). Also use ibuf_data() and ibuf_size(). OK tb@ | ||
| 26fc0cbc | 2023-06-22 09:08:02 | KNF | ||
| c28564e7 | 2023-06-22 09:07:04 | KNF | ||
| bba303a8 | 2023-06-21 17:59:24 | clear errno before strtoull as it may already be set to ERANGE noticed and ok millert@ | ||
| 56ac5201 | 2023-06-21 17:56:26 | avoid truncation of filtered data lines Don't copy in a buffer the filter' output for parsing as we may truncate filter-dataline (i.e. the mail body). Instead, parse the string by advancing the pointer without copying or modifications. Issue reported by Joachim Schneider on the OpenSMTPD-portable repository. ok millert@ | ||
| dd3b9a80 | 2023-06-21 09:47:03 | add "fib reload" support to ospf6d/ospf6ctl, and trigger it automatically on a timeout after RTM_DESYNC (i.e. route socket overflow). ported across from ospfd. fixes/ok claudio@ (it's much harder to overflow the routing socket buffer these days since it was bumped to 2MB, but still happens occasionally on a busy machine). | ||
| 4b0d3762 | 2023-06-21 07:54:54 | Simplify and clean up the code. Try to use more ibuf idioms but the mix of types used in these functions make this rather hard. The expected data checks are still not great but a step in the right direction. OK tb@ | ||
| b5355054 | 2023-06-21 07:49:24 | Convert string2binary() to use new ibuf api instead of working with an extra buffer first. OK tb@ | ||
| 297c3ba2 | 2023-06-21 07:45:47 | Update ospf6d to use new ibuf api. This mostly moves away from memcpy(ibuf_seek(buf, off, size), data, size) to ibuf_set(buf, off, data, size). Also ibuf_reserve() is replaced with ibuf_add_zero(). OK tb@ | ||
| 92bc477a | 2023-06-21 07:44:08 | Remove extra newlines | ||
| 43e70bb4 | 2023-06-20 15:19:55 | Update ospfd to use new ibuf api. This mostly moves away from memcpy(ibuf_seek(buf, off, size), data, size) to ibuf_set(buf, off, data, size). Also ibuf_reserve() is replaced with ibuf_add_zero(). OK tb@ | ||
| cf954fff | 2023-06-20 15:15:14 | Use new ibuf API in rpki-client. Use ibuf_fd_get/set/avail in the file descriptor passing code. Switch some ibuf_seek() calls to ibuf_set() and use ibuf_add_zero() instead of ibuf_reserve(). OK tb@ job@ | ||
| a67807ea | 2023-06-20 14:50:05 | tweak fragment handling error messages a bit don't pass parameters we don't need | ||
| 660fcdef | 2023-06-20 12:48:32 | Ensure CRLs carry the correct version OK tb@ | ||
| b454bae8 | 2023-06-20 12:39:50 | Add compliance checks for the version, KU, and EKU of TAK/MFT/GBR EE certs OK tb@ | ||
| 138af1eb | 2023-06-20 12:28:08 | Ensure the X.509 version is V3 OK tb@ | ||
| 49409ac0 | 2023-06-20 11:06:47 | Be explicit when SIA is without rsync accessLocation OK tb@ | ||
| f69b700d | 2023-06-20 09:54:57 | Replace a ibuf_reserve() dance to add a NUL byte with ibuf_add_zero(buf, 1). Same thing but far less nasty. OK tb@ | ||
| 77251745 | 2023-06-20 02:46:18 | Fix diagnostic values emitted in warnx OK tb@ | ||
| e723f960 | 2023-06-18 19:08:52 | remove ca_verify_cb(). was initially used for debugging, then the logging went away but the no-op callback remained. noticed by tb@ | ||
| 05eca6a7 | 2023-06-18 17:28:42 | sync imsg_to_str() with the list of imsg types in smtpd.h ok millert@ | ||
| 9cc98913 | 2023-06-18 11:45:11 | relax absolute path requirement for configtest (-n) ok dv@ | ||
| 8615c063 | 2023-06-18 11:43:49 | smtpd: switch ECDSA_METHOD usage to EC_KEY_METHOD smtpd and the bits it needs in libtls are the only consumer left of ECDSA_METHOD, which is long deprecated. This paves the way for the removal in libcrypto. The diff is from gilles' work on OpenSMTPD-portable, with minor changes by me. ok tb@, jsing@ | ||
| d7569e25 | 2023-06-17 15:35:08 | "d" is the key character for DVI files, not "r"; from lennart jablonka ok millert | ||
| 8c6e4223 | 2023-06-17 08:32:48 | bump version to 7.3.0 | ||
| 41c70dd7 | 2023-06-17 08:05:48 | Fix 'ext-community * *' matching and with this set { ext-community delete * * }. Problem reported by Moyaze Shivji OK tb@ job@ | ||
| 1bce4d34 | 2023-06-17 04:46:11 | Warn when CMS signing-time attribute is missing OK tb@ | ||
| 54e1723e | 2023-06-16 16:14:34 | Convert two K&R function definitions to ANSI ok deraadt | ||
| 7068cea4 | 2023-06-16 10:38:29 | locator object owns a state object, no need to pass it as param also better method name | ||
| f723c71d | 2023-06-16 10:29:35 | belated move to OO | ||
| f6c952a4 | 2023-06-16 10:08:17 | no extra params there, to be revisited | ||
| c112ffb6 | 2023-06-16 06:44:14 | fix default parm, noticed by aja@ on clean-old-distfiles | ||
| 793984b2 | 2023-06-14 09:59:09 | GC remnants of pipe support, long gone. Display an error message for non found packages, in addition to setting the exit code. |