SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync code with last fixes and improvements from OpenBSD

Browse source
This commit is contained in:
purplerain 2023-06-12 17:03:20 +00:00
parent 8f31919cdb
commit 25f3a6cfac
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
76 changed files with 1289 additions and 694 deletions
Download patch file Download diff file Expand all files Collapse all files

2
gnu/lib/libreadline/rltty.c
View file

@ -700,7 +700,7 @@ rl_deprep_terminal ()
release_sigint ();
}
/* **************************************************************** */
/* */
/* Bogus Flow Control */

137
lib/libcrypto/bn/arch/aarch64/bn_arch.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_arch.h,v 1.9 2023/05/28 17:42:30 jsing Exp $ */
/* $OpenBSD: bn_arch.h,v 1.10 2023/06/12 16:42:11 jsing Exp $ */
/*
* Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
*
@ -63,6 +63,35 @@ bn_addw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_r1,
*out_r0 = r0;
}
#define HAVE_BN_QWADDQW
static inline void
bn_qwaddqw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b3,
BN_ULONG b2, BN_ULONG b1, BN_ULONG b0, BN_ULONG carry, BN_ULONG *out_carry,
BN_ULONG *out_r3, BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
{
BN_ULONG r3, r2, r1, r0;
__asm__ (
"adds xzr, %[carry], #-1 \n"
"adcs %[r0], %[a0], %[b0] \n"
"adcs %[r1], %[a1], %[b1] \n"
"adcs %[r2], %[a2], %[b2] \n"
"adcs %[r3], %[a3], %[b3] \n"
"cset %[carry], cs \n"
: [carry]"+r"(carry), [r3]"=&r"(r3), [r2]"=&r"(r2),
[r1]"=&r"(r1), [r0]"=&r"(r0)
: [a3]"r"(a3), [a2]"r"(a2), [a1]"r"(a1), [a0]"r"(a0),
[b3]"r"(b3), [b2]"r"(b2), [b1]"r"(b1), [b0]"r"(b0)
: "cc");
*out_carry = carry;
*out_r3 = r3;
*out_r2 = r2;
*out_r1 = r1;
*out_r0 = r0;
}
#define HAVE_BN_MULW
static inline void
@ -148,6 +177,83 @@ bn_mulw_addtw(BN_ULONG a, BN_ULONG b, BN_ULONG c2, BN_ULONG c1, BN_ULONG c0,
*out_r0 = r0;
}
#define HAVE_BN_QWMULW_ADDW
static inline void
bn_qwmulw_addw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b,
BN_ULONG c, BN_ULONG *out_r4, BN_ULONG *out_r3, BN_ULONG *out_r2,
BN_ULONG *out_r1, BN_ULONG *out_r0)
{
BN_ULONG r4, r3, r2, r1, r0;
__asm__ (
"umulh %[r1], %[a0], %[b] \n"
"mul %[r0], %[a0], %[b] \n"
"adds %[r0], %[r0], %[c] \n"
"umulh %[r2], %[a1], %[b] \n"
"mul %[c], %[a1], %[b] \n"
"adcs %[r1], %[r1], %[c] \n"
"umulh %[r3], %[a2], %[b] \n"
"mul %[c], %[a2], %[b] \n"
"adcs %[r2], %[r2], %[c] \n"
"umulh %[r4], %[a3], %[b] \n"
"mul %[c], %[a3], %[b] \n"
"adcs %[r3], %[r3], %[c] \n"
"adc %[r4], %[r4], xzr \n"
: [c]"+r"(c), [r4]"=&r"(r4), [r3]"=&r"(r3), [r2]"=&r"(r2),
[r1]"=&r"(r1), [r0]"=&r"(r0)
: [a3]"r"(a3), [a2]"r"(a2), [a1]"r"(a1), [a0]"r"(a0), [b]"r"(b)
: "cc");
*out_r4 = r4;
*out_r3 = r3;
*out_r2 = r2;
*out_r1 = r1;
*out_r0 = r0;
}
#define HAVE_BN_QWMULW_ADDQW_ADDW
static inline void
bn_qwmulw_addqw_addw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0,
BN_ULONG b, BN_ULONG c3, BN_ULONG c2, BN_ULONG c1, BN_ULONG c0, BN_ULONG d,
BN_ULONG *out_r4, BN_ULONG *out_r3, BN_ULONG *out_r2, BN_ULONG *out_r1,
BN_ULONG *out_r0)
{
BN_ULONG r4, r3, r2, r1, r0;
__asm__ (
"umulh %[r1], %[a0], %[b] \n"
"mul %[r0], %[a0], %[b] \n"
"adds %[r0], %[r0], %[d] \n"
"umulh %[r2], %[a1], %[b] \n"
"mul %[d], %[a1], %[b] \n"
"adcs %[r1], %[r1], %[d] \n"
"umulh %[r3], %[a2], %[b] \n"
"mul %[d], %[a2], %[b] \n"
"adcs %[r2], %[r2], %[d] \n"
"umulh %[r4], %[a3], %[b] \n"
"mul %[d], %[a3], %[b] \n"
"adcs %[r3], %[r3], %[d] \n"
"adc %[r4], %[r4], xzr \n"
"adds %[r0], %[r0], %[c0] \n"
"adcs %[r1], %[r1], %[c1] \n"
"adcs %[r2], %[r2], %[c2] \n"
"adcs %[r3], %[r3], %[c3] \n"
"adc %[r4], %[r4], xzr \n"
: [d]"+r"(d), [r4]"=&r"(r4), [r3]"=&r"(r3), [r2]"=&r"(r2),
[r1]"=&r"(r1), [r0]"=&r"(r0)
: [a3]"r"(a3), [a2]"r"(a2), [a1]"r"(a1), [a0]"r"(a0), [b]"r"(b),
[c3]"r"(c3), [c2]"r"(c2), [c1]"r"(c1), [c0]"r"(c0)
: "cc");
*out_r4 = r4;
*out_r3 = r3;
*out_r2 = r2;
*out_r1 = r1;
*out_r0 = r0;
}
#define HAVE_BN_SUBW
static inline void
@ -187,6 +293,35 @@ bn_subw_subw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_borrow,
*out_r0 = r0;
}
#define HAVE_BN_QWSUBQW
static inline void
bn_qwsubqw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b3,
BN_ULONG b2, BN_ULONG b1, BN_ULONG b0, BN_ULONG borrow, BN_ULONG *out_borrow,
BN_ULONG *out_r3, BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
{
BN_ULONG r3, r2, r1, r0;
__asm__ (
"subs xzr, xzr, %[borrow] \n"
"sbcs %[r0], %[a0], %[b0] \n"
"sbcs %[r1], %[a1], %[b1] \n"
"sbcs %[r2], %[a2], %[b2] \n"
"sbcs %[r3], %[a3], %[b3] \n"
"cset %[borrow], cc \n"
: [borrow]"+r"(borrow), [r3]"=&r"(r3), [r2]"=&r"(r2),
[r1]"=&r"(r1), [r0]"=&r"(r0)
: [a3]"r"(a3), [a2]"r"(a2), [a1]"r"(a1), [a0]"r"(a0),
[b3]"r"(b3), [b2]"r"(b2), [b1]"r"(b1), [b0]"r"(b0)
: "cc");
*out_borrow = borrow;
*out_r3 = r3;
*out_r2 = r2;
*out_r1 = r1;
*out_r0 = r0;
}
#endif /* __GNUC__ */
#endif

18
lib/libcrypto/bn/bn_add.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_add.c,v 1.24 2023/02/22 05:46:37 jsing Exp $ */
/* $OpenBSD: bn_add.c,v 1.25 2023/06/12 16:17:24 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -80,18 +80,14 @@ bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
if (n <= 0)
return 0;
#ifndef OPENSSL_SMALL_FOOTPRINT
while (n & ~3) {
bn_addw_addw(a[0], b[0], carry, &carry, &r[0]);
bn_addw_addw(a[1], b[1], carry, &carry, &r[1]);
bn_addw_addw(a[2], b[2], carry, &carry, &r[2]);
bn_addw_addw(a[3], b[3], carry, &carry, &r[3]);
bn_qwaddqw(a[3], a[2], a[1], a[0], b[3], b[2], b[1], b[0],
carry, &carry, &r[3], &r[2], &r[1], &r[0]);
a += 4;
b += 4;
r += 4;
n -= 4;
}
#endif
while (n) {
bn_addw_addw(a[0], b[0], carry, &carry, &r[0]);
a++;
@ -165,18 +161,14 @@ bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n)
if (n <= 0)
return 0;
#ifndef OPENSSL_SMALL_FOOTPRINT
while (n & ~3) {
bn_subw_subw(a[0], b[0], borrow, &borrow, &r[0]);
bn_subw_subw(a[1], b[1], borrow, &borrow, &r[1]);
bn_subw_subw(a[2], b[2], borrow, &borrow, &r[2]);
bn_subw_subw(a[3], b[3], borrow, &borrow, &r[3]);
bn_qwsubqw(a[3], a[2], a[1], a[0], b[3], b[2], b[1], b[0],
borrow, &borrow, &r[3], &r[2], &r[1], &r[0]);
a += 4;
b += 4;
r += 4;
n -= 4;
}
#endif
while (n) {
bn_subw_subw(a[0], b[0], borrow, &borrow, &r[0]);
a++;

110
lib/libcrypto/bn/bn_internal.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_internal.h,v 1.11 2023/03/07 09:35:55 jsing Exp $ */
/* $OpenBSD: bn_internal.h,v 1.12 2023/06/12 16:17:24 jsing Exp $ */
/*
* Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
*
@ -122,6 +122,33 @@ bn_addw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_r1,
}
#endif
/*
* bn_qwaddqw() computes
* (r4:r3:r2:r1:r0) = (a3:a2:a1:a0) + (b3:b2:b1:b0) + carry, where a is a quad word,
* b is a quad word, and carry is a single word with value 0 or 1, producing a four
* word result and carry.
*/
#ifndef HAVE_BN_QWADDQW
static inline void
bn_qwaddqw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b3,
BN_ULONG b2, BN_ULONG b1, BN_ULONG b0, BN_ULONG carry, BN_ULONG *out_carry,
BN_ULONG *out_r3, BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
{
BN_ULONG r3, r2, r1, r0;
bn_addw_addw(a0, b0, carry, &carry, &r0);
bn_addw_addw(a1, b1, carry, &carry, &r1);
bn_addw_addw(a2, b2, carry, &carry, &r2);
bn_addw_addw(a3, b3, carry, &carry, &r3);
*out_carry = carry;
*out_r3 = r3;
*out_r2 = r2;
*out_r1 = r1;
*out_r0 = r0;
}
#endif
/*
* bn_subw() computes r0 = a - b, where both inputs are single words,
* producing a single word result and borrow.
@ -159,6 +186,33 @@ bn_subw_subw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_borrow,
}
#endif
/*
* bn_qwsubqw() computes
* (r3:r2:r1:r0) = (a3:a2:a1:a0) - (b3:b2:b1:b0) - borrow, where a is a quad word,
* b is a quad word, and borrow is a single word with value 0 or 1, producing a
* four word result and borrow.
*/
#ifndef HAVE_BN_QWSUBQW
static inline void
bn_qwsubqw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b3,
BN_ULONG b2, BN_ULONG b1, BN_ULONG b0, BN_ULONG borrow, BN_ULONG *out_borrow,
BN_ULONG *out_r3, BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
{
BN_ULONG r3, r2, r1, r0;
bn_subw_subw(a0, b0, borrow, &borrow, &r0);
bn_subw_subw(a1, b1, borrow, &borrow, &r1);
bn_subw_subw(a2, b2, borrow, &borrow, &r2);
bn_subw_subw(a3, b3, borrow, &borrow, &r3);
*out_borrow = borrow;
*out_r3 = r3;
*out_r2 = r2;
*out_r1 = r1;
*out_r0 = r0;
}
#endif
/*
* bn_mulw() computes (r1:r0) = a * b, where both inputs are single words,
* producing a double word result.
@ -387,4 +441,58 @@ bn_mul2_mulw_addtw(BN_ULONG a, BN_ULONG b, BN_ULONG c2, BN_ULONG c1, BN_ULONG c0
}
#endif
/*
* bn_qwmulw_addw() computes (r4:r3:r2:r1:r0) = (a3:a2:a1:a0) * b + c, where a
* is a quad word, b is a single word and c is a single word, producing a five
* word result.
*/
#ifndef HAVE_BN_QWMULW_ADDW
static inline void
bn_qwmulw_addw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b,
BN_ULONG c, BN_ULONG *out_r4, BN_ULONG *out_r3, BN_ULONG *out_r2,
BN_ULONG *out_r1, BN_ULONG *out_r0)
{
BN_ULONG r3, r2, r1, r0;
bn_mulw_addw(a0, b, c, &c, &r0);
bn_mulw_addw(a1, b, c, &c, &r1);
bn_mulw_addw(a2, b, c, &c, &r2);
bn_mulw_addw(a3, b, c, &c, &r3);
*out_r4 = c;
*out_r3 = r3;
*out_r2 = r2;
*out_r1 = r1;
*out_r0 = r0;
}
#endif
/*
* bn_qwmulw_addqw_addw() computes
* (r4:r3:r2:r1:r0) = (a3:a2:a1:a0) * b + (c3:c2:c1:c0) + d, where a
* is a quad word, b is a single word, c is a quad word, and d is a single word,
* producing a five word result.
*/
#ifndef HAVE_BN_QWMULW_ADDQW_ADDW
static inline void
bn_qwmulw_addqw_addw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0,
BN_ULONG b, BN_ULONG c3, BN_ULONG c2, BN_ULONG c1, BN_ULONG c0, BN_ULONG d,
BN_ULONG *out_r4, BN_ULONG *out_r3, BN_ULONG *out_r2, BN_ULONG *out_r1,
BN_ULONG *out_r0)
{
BN_ULONG r3, r2, r1, r0;
bn_mulw_addw_addw(a0, b, c0, d, &d, &r0);
bn_mulw_addw_addw(a1, b, c1, d, &d, &r1);
bn_mulw_addw_addw(a2, b, c2, d, &d, &r2);
bn_mulw_addw_addw(a3, b, c3, d, &d, &r3);
*out_r4 = d;
*out_r3 = r3;
*out_r2 = r2;
*out_r1 = r1;
*out_r0 = r0;
}
#endif
#endif

19
lib/libcrypto/bn/bn_mul.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: bn_mul.c,v 1.37 2023/04/19 10:51:22 jsing Exp $ */
/* $OpenBSD: bn_mul.c,v 1.38 2023/06/12 16:17:24 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -210,17 +210,13 @@ bn_mul_words(BN_ULONG *r, const BN_ULONG *a, int num, BN_ULONG w)
if (num <= 0)
return 0;
#ifndef OPENSSL_SMALL_FOOTPRINT
while (num & ~3) {
bn_mulw_addw(a[0], w, carry, &carry, &r[0]);
bn_mulw_addw(a[1], w, carry, &carry, &r[1]);
bn_mulw_addw(a[2], w, carry, &carry, &r[2]);
bn_mulw_addw(a[3], w, carry, &carry, &r[3]);
bn_qwmulw_addw(a[3], a[2], a[1], a[0], w, carry, &carry,
&r[3], &r[2], &r[1], &r[0]);
a += 4;
r += 4;
num -= 4;
}
#endif
while (num) {
bn_mulw_addw(a[0], w, carry, &carry, &r[0]);
a++;
@ -247,17 +243,14 @@ bn_mul_add_words(BN_ULONG *r, const BN_ULONG *a, int num, BN_ULONG w)
if (num <= 0)
return 0;
#ifndef OPENSSL_SMALL_FOOTPRINT
while (num & ~3) {
bn_mulw_addw_addw(a[0], w, r[0], carry, &carry, &r[0]);
bn_mulw_addw_addw(a[1], w, r[1], carry, &carry, &r[1]);
bn_mulw_addw_addw(a[2], w, r[2], carry, &carry, &r[2]);
bn_mulw_addw_addw(a[3], w, r[3], carry, &carry, &r[3]);
bn_qwmulw_addqw_addw(a[3], a[2], a[1], a[0], w,
r[3], r[2], r[1], r[0], carry, &carry,
&r[3], &r[2], &r[1], &r[0]);
a += 4;
r += 4;
num -= 4;
}
#endif
while (num) {
bn_mulw_addw_addw(a[0], w, r[0], carry, &carry, &r[0]);
a++;

14
lib/libcrypto/ec/ec_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ec_local.h,v 1.13 2023/04/27 07:10:05 tb Exp $ */
/* $OpenBSD: ec_local.h,v 1.14 2023/06/12 18:17:18 jsing Exp $ */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
@ -357,18 +357,6 @@ int ec_GFp_simple_mul_double_nonct(const EC_GROUP *, EC_POINT *r, const BIGNUM *
int ec_point_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx);
int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *,
const BIGNUM *x, int y_bit, BN_CTX *);
size_t ec_GF2m_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
unsigned char *buf, size_t len, BN_CTX *);
int ec_GF2m_simple_oct2point(const EC_GROUP *, EC_POINT *,
const unsigned char *buf, size_t len, BN_CTX *);
int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
/* EC_METHOD definitions */
struct ec_key_method_st {

4
regress/usr.bin/Makefile
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.46 2021/03/09 17:38:24 martijn Exp $
# $OpenBSD: Makefile,v 1.47 2023/06/12 20:19:45 millert Exp $
SUBDIR+= apply
SUBDIR+= basename bc
@ -12,7 +12,7 @@ SUBDIR+= m4 mail mandoc
SUBDIR+= nc
SUBDIR+= openssl
SUBDIR+= rev
SUBDIR+= sdiff sed signify snmp sort
SUBDIR+= sdiff sed seq signify snmp sort
SUBDIR+= tsort
SUBDIR+= ul
SUBDIR+= wc

7
regress/usr.bin/seq/Makefile Normal file
View file

@ -0,0 +1,7 @@
# $OpenBSD: Makefile,v 1.1 2023/06/12 20:19:45 millert Exp $
SEQ?= /usr/bin/seq
seqtest:
sh ${.CURDIR}/$@.sh ${SEQ} $@.out
diff ${.CURDIR}/$@.expected $@.out

62
regress/usr.bin/seq/seqtest.expected Normal file
View file

@ -0,0 +1,62 @@
Test 1.1: check for invalid format string
seq: invalid format string: `foo'
Test 1.2: check for valid format string
bar1.000000
bar2.000000
bar3.000000
Test 1.3: check for invalid increment
seq: zero decrement
Test 1.4: check for first > last
seq: needs negative decrement
Test 1.5: check for increment mismatch
seq: needs positive increment
Test 1.6: check for increment mismatch
seq: needs negative decrement
Test 2.0: single argument (0)
1
0
Test 2.1: single argument (1)
1
Test 2.2: single argument (-1)
1
0
-1
Test 2.3: two arguments (1, 1)
1
Test 2.3: two arguments (1, 2)
1
2
Test 2.3: two arguments (1, -2)
1
0
-1
-2
Test 3.0: check for missing element due to rounding
1
1.1
1.2
Test 3.1: check for missing element due to rounding
0
1e-06
2e-06
3e-06
Test 3.2: check for extra element due to rounding
0.1
1.09
Test 3.3: check for extra element due to rounding check
1.05e+06

94
regress/usr.bin/seq/seqtest.sh Executable file
View file

@ -0,0 +1,94 @@
#!/bin/sh
# $OpenBSD: seqtest.sh,v 1.1 2023/06/12 20:19:45 millert Exp $
#
# Public domain, 2023, Todd C. Miller <millert@openbsd.org>
#
# Usage: seqtest.sh [seq_bin log_file]
#
# If no log file is specified, seq.out is used.
run_tests()
{
SEQ=$1
LOG=$2
rm -f $LOG
exec >$LOG 2>&1
test_args;
test_simple;
test_rounding;
}
test_args()
{
echo 'Test 1.1: check for invalid format string'
${SEQ} -f foo 3
echo
echo 'Test 1.2: check for valid format string'
${SEQ} -f bar%f 3
echo
echo 'Test 1.3: check for invalid increment'
${SEQ} 1 0 1
echo
echo 'Test 1.4: check for first > last'
${SEQ} 1 .1 -1
echo
echo 'Test 1.5: check for increment mismatch'
${SEQ} 0 -0.1 1
echo
echo 'Test 1.6: check for increment mismatch'
${SEQ} 1 0.1 0
}
test_simple()
{
echo
echo 'Test 2.0: single argument (0)'
${SEQ} 0
echo
echo 'Test 2.1: single argument (1)'
${SEQ} 1
echo
echo 'Test 2.2: single argument (-1)'
${SEQ} -1
echo
echo 'Test 2.3: two arguments (1, 1)'
${SEQ} 1 1
echo
echo 'Test 2.3: two arguments (1, 2)'
${SEQ} 1 2
echo
echo 'Test 2.3: two arguments (1, -2)'
${SEQ} 1 -2
}
test_rounding()
{
echo
echo 'Test 3.0: check for missing element due to rounding'
${SEQ} 1 0.1 1.2
echo
echo 'Test 3.1: check for missing element due to rounding'
${SEQ} 0 0.000001 0.000003
echo
echo 'Test 3.2: check for extra element due to rounding'
${SEQ} 0.1 .99 1.99
echo
echo 'Test 3.3: check for extra element due to rounding check'
${SEQ} 1050000 1050000
}
run_tests ${1:-seq} ${2:-seq.out}

7
sbin/iked/iked.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: iked.h,v 1.214 2023/05/30 08:41:15 claudio Exp $ */
/* $OpenBSD: iked.h,v 1.215 2023/06/12 09:02:31 claudio Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@ -1270,8 +1270,7 @@ struct ibuf *
int ibuf_cat(struct ibuf *, struct ibuf *);
size_t ibuf_length(struct ibuf *);
int ibuf_setsize(struct ibuf *, size_t);
uint8_t *
ibuf_data(struct ibuf *);
void *ibuf_data(struct ibuf *);
void *ibuf_getdata(struct ibuf *, size_t);
struct ibuf *
ibuf_get(struct ibuf *, size_t);
@ -1279,8 +1278,6 @@ struct ibuf *
ibuf_dup(struct ibuf *);
struct ibuf *
ibuf_random(size_t);
int ibuf_strcat(struct ibuf **, const char *);
int ibuf_strlen(struct ibuf *);
/* log.c */
void log_init(int, int);

103
sbin/iked/ikev2.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ikev2.c,v 1.367 2023/05/23 13:57:14 claudio Exp $ */
/* $OpenBSD: ikev2.c,v 1.368 2023/06/12 09:02:31 claudio Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@ -3019,18 +3019,24 @@ ikev2_handle_delete(struct iked *env, struct iked_message *msg,
struct iked_childsa **peersas = NULL;
struct iked_sa *sa = msg->msg_sa;
struct ikev2_delete *localdel;
struct ibuf *spibuf = NULL;
FILE *spif;
char *spibuf = NULL;
uint64_t *localspi = NULL;
uint64_t spi64, spi = 0;
uint32_t spi32;
uint8_t *buf;
size_t found = 0;
int ret = -1;
size_t i, sz, cnt, len;
size_t i, sz, cnt, len, dummy;
if (!msg->msg_del_protoid)
return (0);
if ((spif = open_memstream(&spibuf, &dummy)) == NULL) {
log_warn("%s", __func__);
return (0);
}
sz = msg->msg_del_spisize;
switch (sz) {
@ -3093,11 +3099,10 @@ ikev2_handle_delete(struct iked *env, struct iked_message *msg,
if (ikev2_childsa_delete(env, sa, msg->msg_del_protoid, spi,
&localspi[i], 0) != -1) {
found++;
/* append SPI to log buffer */
if (ibuf_strlen(spibuf))
ibuf_strcat(&spibuf, ", ");
ibuf_strcat(&spibuf, print_spi(spi, sz));
if (ftello(spif) > 0)
fputs(", ", spif);
fputs(print_spi(spi, sz), spif);
}
/*
@ -3143,11 +3148,12 @@ ikev2_handle_delete(struct iked *env, struct iked_message *msg,
break;
}
}
log_info("%sdeleted %zu SPI%s: %.*s",
SPI_SA(sa, NULL), found,
found == 1 ? "" : "s",
spibuf ? ibuf_strlen(spibuf) : 0,
spibuf ? (char *)ibuf_data(spibuf) : "");
fflush(spif);
if (!ferror(spif)) {
log_info("%sdeleted %zu SPI%s: %s",
SPI_SA(sa, NULL), found, found == 1 ? "" : "s",
spibuf);
}
} else {
/* XXX should we send an INVALID_SPI notification? */
ret = 0;
@ -3156,7 +3162,8 @@ ikev2_handle_delete(struct iked *env, struct iked_message *msg,
done:
free(localspi);
free(peersas);
ibuf_free(spibuf);
fclose(spif);
free(spibuf);
return (ret);
}
@ -6414,15 +6421,21 @@ ikev2_childsa_enable(struct iked *env, struct iked_sa *sa)
struct iked_childsa *csa, *ocsa, *ipcomp;
struct iked_flow *flow, *oflow;
int peer_changed, reload;
struct ibuf *spibuf = NULL;
struct ibuf *flowbuf = NULL;
char *buf;
FILE *spif, *flowf;
char *spibuf = NULL, *flowbuf = NULL;
char prenat_mask[10];
uint16_t encrid = 0, integrid = 0, groupid = 0;
size_t encrlen = 0, integrlen = 0;
size_t encrlen = 0, integrlen = 0, spisz, flowsz;
int esn = 0;
int ret = -1;
spif = open_memstream(&spibuf, &spisz);
flowf = open_memstream(&flowbuf, &flowsz);
if (spif == NULL || flowf == NULL) {
log_warn("%s", __func__);
return (ret);
}
TAILQ_FOREACH(csa, &sa->sa_childsas, csa_entry) {
if (csa->csa_rekey || csa->csa_loaded)
continue;
@ -6466,16 +6479,12 @@ ikev2_childsa_enable(struct iked *env, struct iked_sa *sa)
print_spi(csa->csa_spi.spi, csa->csa_spi.spi_size));
/* append SPI to log buffer */
if (ibuf_strlen(spibuf))
ibuf_strcat(&spibuf, ", ");
ibuf_strcat(&spibuf, print_spi(csa->csa_spi.spi,
csa->csa_spi.spi_size));
if (ipcomp) {
ibuf_strcat(&spibuf, "(");
ibuf_strcat(&spibuf, print_spi(ipcomp->csa_spi.spi,
if (ftello(spif) > 0)
fputs(", ", spif);
fputs(print_spi(csa->csa_spi.spi, csa->csa_spi.spi_size), spif);
if (ipcomp)
fprintf(spif, "(%s)", print_spi(ipcomp->csa_spi.spi,
ipcomp->csa_spi.spi_size));
ibuf_strcat(&spibuf, ")");
}
if (!encrid) {
encrid = csa->csa_encrid;
encrlen = ibuf_length(csa->csa_encrkey);
@ -6538,25 +6547,26 @@ ikev2_childsa_enable(struct iked *env, struct iked_sa *sa)
flow->flow_prenat.addr_mask);
else
prenat_mask[0] = '\0';
if (flow->flow_dir == IPSP_DIRECTION_OUT &&
asprintf(&buf, "%s-%s/%d%s%s%s%s%s=%s/%d(%u)%s",
if (flow->flow_dir == IPSP_DIRECTION_OUT) {
if (ftello(flowf) > 0)
fputs(", ", flowf);
fprintf(flowf, "%s-%s/%d%s%s%s%s%s=%s/%d(%u)%s",
print_map(flow->flow_saproto, ikev2_saproto_map),
print_host((struct sockaddr *)&flow->flow_src.addr, NULL, 0),
print_host((struct sockaddr *)&flow->flow_src.addr,
NULL, 0),
flow->flow_src.addr_mask,
flow->flow_prenat.addr_af != 0 ? "[": "",
flow->flow_prenat.addr_af != 0 ? print_host((struct sockaddr *)
flow->flow_prenat.addr_af != 0 ?
print_host((struct sockaddr *)
&flow->flow_prenat.addr, NULL, 0) : "",
flow->flow_prenat.addr_af != 0 ? "/" : "",
flow->flow_prenat.addr_af != 0 ? prenat_mask : "",
flow->flow_prenat.addr_af != 0 ? "]": "",
print_host((struct sockaddr *)&flow->flow_dst.addr, NULL, 0),
print_host((struct sockaddr *)&flow->flow_dst.addr,
NULL, 0),
flow->flow_dst.addr_mask,
flow->flow_ipproto,
reload ? "-R" : "") != -1) {
if (ibuf_strlen(flowbuf))
ibuf_strcat(&flowbuf, ", ");
ibuf_strcat(&flowbuf, buf);
free(buf);
reload ? "-R" : "");
}
}
@ -6569,10 +6579,10 @@ ikev2_childsa_enable(struct iked *env, struct iked_sa *sa)
NULL, 0));
}
if (ibuf_strlen(spibuf)) {
log_info("%s: loaded SPIs: %.*s (enc %s%s%s%s%s%s)",
SPI_SA(sa, __func__),
ibuf_strlen(spibuf), ibuf_data(spibuf),
fflush(spif);
if (ftello(spif) > 0 && !ferror(spif)) {
log_info("%s: loaded SPIs: %s (enc %s%s%s%s%s%s)",
SPI_SA(sa, __func__), spibuf,
print_xf(encrid, encrlen, ipsecencxfs),
integrid ? " auth " : "",
integrid ? print_xf(integrid, integrlen, authxfs) : "",
@ -6580,14 +6590,17 @@ ikev2_childsa_enable(struct iked *env, struct iked_sa *sa)
groupid ? print_xf(groupid, 0, groupxfs) : "",
esn ? " esn" : "");
}
if (ibuf_strlen(flowbuf))
log_info("%s: loaded flows: %.*s", SPI_SA(sa, __func__),
ibuf_strlen(flowbuf), ibuf_data(flowbuf));
fflush(flowf);
if (ftello(flowf) > 0 && !ferror(flowf)) {
log_info("%s: loaded flows: %s", SPI_SA(sa, __func__), flowbuf);
}
ret = 0;
done:
ibuf_free(spibuf);
ibuf_free(flowbuf);
fclose(spif);
fclose(flowf);
free(spibuf);
free(flowbuf);
return (ret);
}

28
sbin/iked/imsg_util.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: imsg_util.c,v 1.17 2023/05/30 08:41:15 claudio Exp $ */
/* $OpenBSD: imsg_util.c,v 1.18 2023/06/12 09:02:32 claudio Exp $ */
/*
* Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
@ -83,7 +83,7 @@ ibuf_length(struct ibuf *buf)
return (ibuf_size(buf));
}
uint8_t *
void *
ibuf_data(struct ibuf *buf)
{
return (ibuf_seek(buf, 0, 0));
@ -144,27 +144,3 @@ ibuf_setsize(struct ibuf *buf, size_t len)
buf->wpos = len;
return (0);
}
int
ibuf_strcat(struct ibuf **buf, const char *s)
{
size_t slen;
if (buf == NULL)
return (-1);
slen = strlen(s);
if (*buf == NULL) {
if ((*buf = ibuf_new(s, slen)) == NULL)
return (-1);
return (0);
}
return (ibuf_add(*buf, s, slen));
}
int
ibuf_strlen(struct ibuf *buf)
{
if (ibuf_length(buf) > INT_MAX)
return (INT_MAX);
return ((int)ibuf_length(buf));
}

5
share/man/man4/urtwn.4
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: urtwn.4,v 1.55 2023/04/28 06:21:42 jmc Exp $
.\" $OpenBSD: urtwn.4,v 1.56 2023/06/12 11:30:55 jsg Exp $
.\"
.\" Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr>
.\"
@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: April 28 2023 $
.Dd $Mdocdate: June 12 2023 $
.Dt URTWN 4
.Os
.Sh NAME
@ -122,6 +122,7 @@ The following adapters should work:
.It Hercules Wireless N USB Pico HWNUp-150
.It IO-DATA WN-G150UM
.It ISY IWL4000 USB Wireless Micro Adapter
.It Mercusys MW150US V2
.It Netgear WNA1000A
.It Netgear WNA1000M
.It Netgear WNA1000Mv2

3
sys/dev/usb/if_urtwn.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: if_urtwn.c,v 1.107 2023/04/28 01:24:14 kevlo Exp $ */
/* $OpenBSD: if_urtwn.c,v 1.108 2023/06/12 11:27:30 jsg Exp $ */
/*-
* Copyright (c) 2010 Damien Bergamini <damien.bergamini@free.fr>
@ -333,6 +333,7 @@ static const struct urtwn_type {
URTWN_DEV_8188EU(DLINK, DWA125D1),
URTWN_DEV_8188EU(EDIMAX, EW7811UNV2),
URTWN_DEV_8188EU(ELECOM, WDC150SU2M),
URTWN_DEV_8188EU(MERCUSYS, MW150USV2),
URTWN_DEV_8188EU(REALTEK, RTL8188ETV),
URTWN_DEV_8188EU(REALTEK, RTL8188EU),
URTWN_DEV_8188EU(TPLINK, RTL8188EUS),

6
sys/dev/usb/usbdevs
View file

@ -1,4 +1,4 @@
$OpenBSD: usbdevs,v 1.756 2023/05/10 18:26:05 miod Exp $
$OpenBSD: usbdevs,v 1.757 2023/06/12 11:26:24 jsg Exp $
/* $NetBSD: usbdevs,v 1.322 2003/05/10 17:47:14 hamajima Exp $ */
/*
@ -645,6 +645,7 @@ vendor THINGM 0x27b8 ThingM
vendor ASUSTEK 0x2821 ASUSTeK Computer
vendor PIONEERDJ 0x2b73 Pioneer DJ
vendor PLANEX 0x2c02 Planex Communications
vendor MERCUSYS 0x2c4e Mercusys
vendor QUECTEL 0x2c7c Quectel
vendor CLUB3D 0x2d1c Club 3D
vendor AQUANTIA 0x2eca Aquantia
@ -3099,6 +3100,9 @@ product MELCO UWABR100 0x017f SONY UWA-BR100
product MELCO WLIUCGNM 0x01a2 WLI-UC-GNM
product MELCO WLIUCGNM2 0x01ee WLI-UC-GNM2
/* Mercusys products */
product MERCUSYS MW150USV2 0x0102 MW150US V2
/* MetaGeek products */
product METAGEEK WISPY24I 0x2400 Wi-Spy 2.4i

8
sys/dev/usb/usbdevs.h
View file

@ -1,10 +1,10 @@
/* $OpenBSD: usbdevs.h,v 1.768 2023/05/10 18:26:43 miod Exp $ */
/* $OpenBSD: usbdevs.h,v 1.769 2023/06/12 11:26:54 jsg Exp $ */
/*
* THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT.
*
* generated from:
* OpenBSD: usbdevs,v 1.756 2023/05/10 18:26:05 miod Exp
* OpenBSD: usbdevs,v 1.757 2023/06/12 11:26:24 jsg Exp
*/
/* $NetBSD: usbdevs,v 1.322 2003/05/10 17:47:14 hamajima Exp $ */
@ -652,6 +652,7 @@
#define USB_VENDOR_ASUSTEK 0x2821 /* ASUSTeK Computer */
#define USB_VENDOR_PIONEERDJ 0x2b73 /* Pioneer DJ */
#define USB_VENDOR_PLANEX 0x2c02 /* Planex Communications */
#define USB_VENDOR_MERCUSYS 0x2c4e /* Mercusys */
#define USB_VENDOR_QUECTEL 0x2c7c /* Quectel */
#define USB_VENDOR_CLUB3D 0x2d1c /* Club 3D */
#define USB_VENDOR_AQUANTIA 0x2eca /* Aquantia */
@ -3106,6 +3107,9 @@
#define USB_PRODUCT_MELCO_WLIUCGNM 0x01a2 /* WLI-UC-GNM */
#define USB_PRODUCT_MELCO_WLIUCGNM2 0x01ee /* WLI-UC-GNM2 */
/* Mercusys products */
#define USB_PRODUCT_MERCUSYS_MW150USV2 0x0102 /* MW150US V2 */
/* MetaGeek products */
#define USB_PRODUCT_METAGEEK_WISPY24I 0x2400 /* Wi-Spy 2.4i */

12
sys/dev/usb/usbdevs_data.h
View file

@ -1,10 +1,10 @@
/* $OpenBSD: usbdevs_data.h,v 1.762 2023/05/10 18:26:43 miod Exp $ */
/* $OpenBSD: usbdevs_data.h,v 1.763 2023/06/12 11:26:54 jsg Exp $ */
/*
* THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT.
*
* generated from:
* OpenBSD: usbdevs,v 1.756 2023/05/10 18:26:05 miod Exp
* OpenBSD: usbdevs,v 1.757 2023/06/12 11:26:24 jsg Exp
*/
/* $NetBSD: usbdevs,v 1.322 2003/05/10 17:47:14 hamajima Exp $ */
@ -7513,6 +7513,10 @@ const struct usb_known_product usb_known_products[] = {
USB_VENDOR_MELCO, USB_PRODUCT_MELCO_WLIUCGNM2,
"WLI-UC-GNM2",
},
{
USB_VENDOR_MERCUSYS, USB_PRODUCT_MERCUSYS_MW150USV2,
"MW150US V2",
},
{
USB_VENDOR_METAGEEK, USB_PRODUCT_METAGEEK_WISPY24I,
"Wi-Spy 2.4i",
@ -14681,6 +14685,10 @@ const struct usb_known_vendor usb_known_vendors[] = {
USB_VENDOR_PLANEX,
"Planex Communications",
},
{
USB_VENDOR_MERCUSYS,
"Mercusys",
},
{
USB_VENDOR_QUECTEL,
"Quectel",

6
sys/net/if.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: if.c,v 1.699 2023/06/05 11:35:46 bluhm Exp $ */
/* $OpenBSD: if.c,v 1.700 2023/06/12 21:19:54 mvs Exp $ */
/* $NetBSD: if.c,v 1.35 1996/05/07 05:26:04 thorpej Exp $ */
/*
@ -1170,6 +1170,8 @@ if_detach(struct ifnet *ifp)
ifafree(ifa);
}
}
splx(s);
NET_UNLOCK();
KASSERT(TAILQ_EMPTY(&ifp->if_addrhooks));
KASSERT(TAILQ_EMPTY(&ifp->if_linkstatehooks));
@ -1178,8 +1180,6 @@ if_detach(struct ifnet *ifp)
#ifdef INET6
nd6_ifdetach(ifp);
#endif
splx(s);
NET_UNLOCK();
/* Announce that the interface is gone. */
rtm_ifannounce(ifp, IFAN_DEPARTURE);

25
usr.bin/seq/seq.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: seq.c,v 1.6 2022/02/25 16:00:39 tb Exp $ */
/* $OpenBSD: seq.c,v 1.7 2023/06/12 20:15:06 millert Exp $ */
/*-
* Copyright (c) 2005 The NetBSD Foundation, Inc.
@ -89,13 +89,13 @@ main(int argc, char *argv[])
double first = 1.0;
double last = 0.0;
double incr = 0.0;
double last_shown_value = 0.0;
double prev = 0.0;
double cur, step;
struct lconv *locale;
char *fmt = NULL;
const char *sep = "\n";
const char *term = "\n";
char *cur_print, *last_print;
char *cur_print, *last_print, *prev_print;
char pad = ZERO;
if (pledge("stdio", NULL) == -1)
@ -176,34 +176,37 @@ main(int argc, char *argv[])
} else
fmt = generate_format(first, incr, last, equalize, pad);
warnx("first: %f, incr: %f", first, incr);
for (step = 1, cur = first; incr > 0 ? cur <= last : cur >= last;
cur = first + incr * step++) {
if (cur != first)
fputs(sep, stdout);
printf(fmt, cur);
last_shown_value = cur;
prev = cur;
}
/*
* Did we miss the last value of the range in the loop above?
*
* We might have, so check if the printable version of the last
* computed value ('cur') and desired 'last' value are equal. If they
* are equal after formatting truncation, but 'cur' and
* 'last_shown_value' are not equal, it means the exit condition of the
* loop held true due to a rounding error and we still need to print
* 'last'.
* computed value ('cur') and desired 'last' value are equal. If
* they are equal after formatting truncation, but 'cur' and 'prev'
* are different, it means the exit condition of the loop held true
* due to a rounding error and we still need to print 'last'.
*/
if (asprintf(&cur_print, fmt, cur) == -1 ||
asprintf(&last_print, fmt, last) == -1)
asprintf(&last_print, fmt, last) == -1 ||
asprintf(&prev_print, fmt, prev) == -1)
err(1, "asprintf");
if (strcmp(cur_print, last_print) == 0 && cur != last_shown_value) {
if (strcmp(cur_print, last_print) == 0 &&
strcmp(cur_print, prev_print) != 0) {
if (cur != first)
fputs(sep, stdout);
fputs(last_print, stdout);
}
free(cur_print);
free(last_print);
free(prev_print);
fputs(term, stdout);

14
usr.sbin/bgpd/rde.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: rde.c,v 1.605 2023/04/20 15:44:45 claudio Exp $ */
/* $OpenBSD: rde.c,v 1.606 2023/06/12 12:48:07 claudio Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@ -2828,7 +2828,6 @@ rde_dump_rib_as(struct prefix *p, struct rde_aspath *asp, pid_t pid, int flags,
struct rib_entry *re;
struct prefix *xp;
struct rde_peer *peer;
void *bp;
time_t staletime;
size_t aslen;
uint8_t l;
@ -2931,15 +2930,10 @@ rde_dump_rib_as(struct prefix *p, struct rde_aspath *asp, pid_t pid, int flags,
if ((a = asp->others[l]) == NULL)
break;
if ((wbuf = imsg_create(ibuf_se_ctl,
IMSG_CTL_SHOW_RIB_ATTR, 0, pid,
attr_optlen(a))) == NULL)
IMSG_CTL_SHOW_RIB_ATTR, 0, pid, 0)) == NULL)
return;
if ((bp = ibuf_reserve(wbuf, attr_optlen(a))) == NULL) {
ibuf_free(wbuf);
return;
}
if (attr_write(bp, attr_optlen(a), a->flags,
a->type, a->data, a->len) == -1) {
if (attr_writebuf(wbuf, a->flags, a->type, a->data,
a->len) == -1) {
ibuf_free(wbuf);
return;
}

4
usr.sbin/bgpd/rde.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: rde.h,v 1.293 2023/04/19 13:23:33 claudio Exp $ */
/* $OpenBSD: rde.h,v 1.294 2023/06/12 12:48:07 claudio Exp $ */
/*
* Copyright (c) 2003, 2004 Claudio Jeker <claudio@openbsd.org> and
@ -401,8 +401,6 @@ void attr_copy(struct rde_aspath *, const struct rde_aspath *);
int attr_compare(struct rde_aspath *, struct rde_aspath *);
void attr_freeall(struct rde_aspath *);
void attr_free(struct rde_aspath *, struct attr *);
#define attr_optlen(x) \
((x)->len > 255 ? (x)->len + 4 : (x)->len + 3)
struct aspath *aspath_get(void *, uint16_t);
struct aspath *aspath_copy(struct aspath *);

4
usr.sbin/bgpd/rde_attr.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: rde_attr.c,v 1.132 2022/12/14 12:37:15 claudio Exp $ */
/* $OpenBSD: rde_attr.c,v 1.133 2023/06/12 12:10:17 claudio Exp $ */
/*
* Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org>
@ -85,7 +85,7 @@ attr_writebuf(struct ibuf *buf, uint8_t flags, uint8_t type, void *data,
if (ibuf_add(buf, hdr, flags & ATTR_EXTLEN ? 4 : 3) == -1)
return (-1);
if (data && ibuf_add(buf, data, data_len) == -1)
if (data != NULL && ibuf_add(buf, data, data_len) == -1)
return (-1);
return (0);
}

6
usr.sbin/rpki-client/Makefile
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.30 2023/04/27 07:57:25 claudio Exp $
# $OpenBSD: Makefile,v 1.31 2023/06/12 14:56:38 claudio Exp $
PROG= rpki-client
SRCS= as.c aspa.c cert.c cms.c crl.c encoding.c filemode.c gbr.c geofeed.c \
@ -9,8 +9,8 @@ SRCS= as.c aspa.c cert.c cms.c crl.c encoding.c filemode.c gbr.c geofeed.c \
tal.c validate.c x509.c
MAN= rpki-client.8
LDADD+= -lexpat -ltls -lssl -lcrypto -lutil
DPADD+= ${LIBEXPAT} ${LIBTLS} ${LIBSSL} ${LIBCRYPTO} ${LIBUTIL}
LDADD+= -lexpat -ltls -lssl -lcrypto -lutil -lz
DPADD+= ${LIBEXPAT} ${LIBTLS} ${LIBSSL} ${LIBCRYPTO} ${LIBUTIL} ${LIBZ}
CFLAGS+= -Wall -I${.CURDIR}
CFLAGS+= -Wstrict-prototypes -Wmissing-prototypes

6
usr.sbin/rpki-client/cms.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: cms.c,v 1.34 2023/05/30 11:09:08 tb Exp $ */
/* $OpenBSD: cms.c,v 1.35 2023/06/12 18:22:02 job Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
@ -315,11 +315,9 @@ cms_parse_validate_internal(X509 **xp, const char *fn, const unsigned char *der,
if (!x509_get_notafter(*xp, fn, &notafter))
goto out;
if (*signtime > notafter) {
if (*signtime > notafter)
warnx("%s: dating issue: CMS signing-time after X.509 notAfter",
fn);
goto out;
}
if (CMS_SignerInfo_get0_signer_id(si, &kid, NULL, NULL) != 1 ||
kid == NULL) {

243
usr.sbin/rpki-client/http.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: http.c,v 1.74 2023/05/10 15:24:41 claudio Exp $ */
/* $OpenBSD: http.c,v 1.76 2023/06/12 15:27:52 claudio Exp $ */
/*
* Copyright (c) 2020 Nils Fisher <nils_fisher@hotmail.com>
* Copyright (c) 2020 Claudio Jeker <claudio@openbsd.org>
@ -52,6 +52,7 @@
#include <ctype.h>
#include <err.h>
#include <errno.h>
#include <imsg.h>
#include <limits.h>
#include <netdb.h>
#include <poll.h>
@ -61,7 +62,7 @@
#include <string.h>
#include <unistd.h>
#include <vis.h>
#include <imsg.h>
#include <zlib.h>
#include <tls.h>
@ -70,7 +71,7 @@
#define HTTP_USER_AGENT "OpenBSD rpki-client"
#define HTTP_BUF_SIZE (32 * 1024)
#define HTTP_IDLE_TIMEOUT 10
#define MAX_CONTENTLEN (2 * 1024 * 1024 * 1024LL)
#define MAX_CONTENTLEN (2 * 1024 * 1024 * 1024UL)
#define NPFDS (MAX_HTTP_REQUESTS + 1)
enum res {
@ -104,6 +105,15 @@ struct http_proxy {
char *proxyauth;
} proxy;
struct http_zlib {
z_stream zs;
char *zbuf;
size_t zbufsz;
size_t zbufpos;
size_t zinsz;
int zdone;
};
struct http_connection {
LIST_ENTRY(http_connection) entry;
char *host;
@ -116,15 +126,17 @@ struct http_connection {
struct addrinfo *res;
struct tls *tls;
char *buf;
struct http_zlib *zlibctx;
size_t bufsz;
size_t bufpos;
off_t iosz;
off_t totalsz;
size_t iosz;
size_t totalsz;
time_t idle_time;
time_t io_time;
int status;
int fd;
int chunked;
int gzipped;
int keep_alive;
short events;
enum http_state state;
@ -164,6 +176,13 @@ static void http_req_done(unsigned int, enum http_result, const char *);
static void http_req_fail(unsigned int);
static int http_req_schedule(struct http_request *);
/* HTTP decompression helper */
static int http_inflate_new(struct http_connection *);
static void http_inflate_free(struct http_connection *);
static void http_inflate_done(struct http_connection *);
static int http_inflate_data(struct http_connection *);
static enum res http_inflate_advance(struct http_connection *);
/* HTTP connection API */
static void http_new(struct http_request *);
static void http_free(struct http_connection *);
@ -191,6 +210,7 @@ static enum res http_write(struct http_connection *);
static enum res proxy_read(struct http_connection *);
static enum res proxy_write(struct http_connection *);
static enum res data_write(struct http_connection *);
static enum res data_inflate_write(struct http_connection *);
/*
* Return a string that can be used in error message to identify the
@ -666,6 +686,141 @@ http_req_schedule(struct http_request *req)
return 0;
}
/*
* Allocate everything to allow inline decompression during write out.
* Returns 0 on success, -1 on failure.
*/
static int
http_inflate_new(struct http_connection *conn)
{
struct http_zlib *zctx;
if (conn->zlibctx != NULL)
return 0;
if ((zctx = calloc(1, sizeof(*zctx))) == NULL)
goto fail;
zctx->zbufsz = HTTP_BUF_SIZE;
if ((zctx->zbuf = malloc(zctx->zbufsz)) == NULL)
goto fail;
if (inflateInit2(&zctx->zs, MAX_WBITS + 32) != Z_OK)
goto fail;
conn->zlibctx = zctx;
return 0;
fail:
warnx("%s: decompression initalisation failed", conn_info(conn));
if (zctx != NULL)
free(zctx->zbuf);
free(zctx);
return -1;
}
/* Free all memory used by the decompression API */
static void
http_inflate_free(struct http_connection *conn)
{
if (conn->zlibctx == NULL)
return;
inflateEnd(&conn->zlibctx->zs);
free(conn->zlibctx->zbuf);
free(conn->zlibctx);
conn->zlibctx = NULL;
}
/* Reset the decompression state to allow a new request to use it */
static void
http_inflate_done(struct http_connection *conn)
{
if (inflateReset(&conn->zlibctx->zs) != Z_OK)
http_inflate_free(conn);
}
/*
* Inflate the data from conn->buf into zctx->zbuf. The number of bytes
* available in zctx->zbuf is stored in zctx->zbufpos.
* Returns -1 on failure.
*/
static int
http_inflate_data(struct http_connection *conn)
{
struct http_zlib *zctx = conn->zlibctx;
size_t bsz = conn->bufpos;
int rv;
if (conn->iosz < bsz)
bsz = conn->iosz;
zctx->zdone = 0;
zctx->zbufpos = 0;
zctx->zinsz = bsz;
zctx->zs.next_in = conn->buf;
zctx->zs.avail_in = bsz;
zctx->zs.next_out = zctx->zbuf;
zctx->zs.avail_out = zctx->zbufsz;
switch ((rv = inflate(&zctx->zs, Z_NO_FLUSH))) {
case Z_OK:
break;
case Z_STREAM_END:
zctx->zdone = 1;
break;
default:
if (zctx->zs.msg != NULL)
warnx("%s: inflate failed: %s", conn_info(conn),
zctx->zs.msg);
else
warnx("%s: inflate failed error %d", conn_info(conn),
rv);
return -1;
}
/* calculate how much can be written out */
zctx->zbufpos = zctx->zbufsz - zctx->zs.avail_out;
return 0;
}
/*
* Advance the input buffer after the output buffer has been fully written.
* If compression is done finish the transaction else read more data.
*/
static enum res
http_inflate_advance(struct http_connection *conn)
{
struct http_zlib *zctx = conn->zlibctx;
size_t bsz = zctx->zinsz - zctx->zs.avail_in;
/* adjust compressed input buffer */
conn->bufpos -= bsz;
conn->iosz -= bsz;
memmove(conn->buf, conn->buf + bsz, conn->bufpos);
if (zctx->zdone) {
/* all compressed data processed */
conn->gzipped = 0;
http_inflate_done(conn);
if (conn->iosz == 0) {
if (!conn->chunked) {
return http_done(conn, HTTP_OK);
} else {
conn->state = STATE_RESPONSE_CHUNKED_CRLF;
return http_read(conn);
}
} else {
warnx("%s: inflate extra data after end",
conn_info(conn));
return http_failed(conn);
}
}
if (conn->chunked && conn->iosz == 0)
conn->state = STATE_RESPONSE_CHUNKED_CRLF;
else
conn->state = STATE_RESPONSE_DATA;
return http_read(conn);
}
/*
* Create a new HTTP connection which will be used for the HTTP request req.
* On errors a req faulure is issued and both connection and request are freed.
@ -722,6 +877,7 @@ http_free(struct http_connection *conn)
http_conn_count--;
http_req_free(conn->req);
http_inflate_free(conn);
free(conn->host);
free(conn->port);
free(conn->last_modified);
@ -752,6 +908,11 @@ http_done(struct http_connection *conn, enum http_result res)
assert(conn->chunked == 0);
assert(conn->redir_uri == NULL);
if (conn->gzipped) {
conn->gzipped = 0;
http_inflate_done(conn);
}
conn->state = STATE_IDLE;
conn->idle_time = getmonotime() + HTTP_IDLE_TIMEOUT;
@ -945,12 +1106,12 @@ http_tls_connect(struct http_connection *conn)
return http_failed(conn);
}
if (tls_configure(conn->tls, tls_config) == -1) {
warnx("%s: TLS configuration: %s\n", conn_info(conn),
warnx("%s: TLS configuration: %s", conn_info(conn),
tls_error(conn->tls));
return http_failed(conn);
}
if (tls_connect_socket(conn->tls, conn->fd, conn->host) == -1) {
warnx("%s: TLS connect: %s\n", conn_info(conn),
warnx("%s: TLS connect: %s", conn_info(conn),
tls_error(conn->tls));
return http_failed(conn);
}
@ -1060,7 +1221,7 @@ http_request(struct http_connection *conn)
if ((r = asprintf(&conn->buf,
"GET /%s HTTP/1.1\r\n"
"Host: %s\r\n"
"Accept-Encoding: identity\r\n"
"Accept-Encoding: gzip, deflate\r\n"
"User-Agent: " HTTP_USER_AGENT "\r\n"
"%s\r\n",
epath, host,
@ -1195,6 +1356,7 @@ http_parse_header(struct http_connection *conn, char *buf)
#define LOCATION "Location:"
#define CONNECTION "Connection:"
#define TRANSFER_ENCODING "Transfer-Encoding:"
#define CONTENT_ENCODING "Content-Encoding:"
#define LAST_MODIFIED "Last-Modified:"
const char *errstr;
char *cp, *redirurl;
@ -1263,6 +1425,17 @@ http_parse_header(struct http_connection *conn, char *buf)
cp[strcspn(cp, " \t")] = '\0';
if (strcasecmp(cp, "chunked") == 0)
conn->chunked = 1;
} else if (strncasecmp(cp, CONTENT_ENCODING,
sizeof(CONTENT_ENCODING) - 1) == 0) {
cp += sizeof(CONTENT_ENCODING) - 1;
cp += strspn(cp, " \t");
cp[strcspn(cp, " \t")] = '\0';
if (strcasecmp(cp, "gzip") == 0 ||
strcasecmp(cp, "deflate") == 0) {
if (http_inflate_new(conn) == -1)
return -1;
conn->gzipped = 1;
}
} else if (strncasecmp(cp, CONNECTION, sizeof(CONNECTION) - 1) == 0) {
cp += sizeof(CONNECTION) - 1;
cp += strspn(cp, " \t");
@ -1332,7 +1505,7 @@ http_parse_chunked(struct http_connection *conn, char *buf)
errno = 0;
chunksize = strtoul(header, &end, 16);
if (header[0] == '\0' || *end != '\0' || (errno == ERANGE &&
chunksize == ULONG_MAX) || chunksize > INT_MAX)
chunksize == ULONG_MAX) || chunksize > MAX_CONTENTLEN)
return -1;
conn->iosz = chunksize;
@ -1452,7 +1625,7 @@ again:
return http_failed(conn);
case STATE_RESPONSE_DATA:
if (conn->bufpos != conn->bufsz &&
conn->iosz > (off_t)conn->bufpos)
conn->iosz > conn->bufpos)
goto read_more;
/* got a buffer full of data */
@ -1460,7 +1633,7 @@ again:
/*
* After redirects all data needs to be discarded.
*/
if (conn->iosz < (off_t)conn->bufpos) {
if (conn->iosz < conn->bufpos) {
conn->bufpos -= conn->iosz;
conn->iosz = 0;
} else {
@ -1696,7 +1869,7 @@ data_write(struct http_connection *conn)
assert(conn->state == STATE_WRITE_DATA);
if (conn->iosz < (off_t)bsz)
if (conn->iosz < bsz)
bsz = conn->iosz;
s = write(conn->req->outfd, conn->buf, bsz);
@ -1732,6 +1905,49 @@ data_write(struct http_connection *conn)
return WANT_POLLOUT;
}
/*
* Inflate and write data into provided file descriptor.
* This is a simplified version of data_write() that just writes out the
* decompressed file stream. All the buffer handling is done by
* http_inflate_data() and http_inflate_advance().
*/
static enum res
data_inflate_write(struct http_connection *conn)
{
struct http_zlib *zctx = conn->zlibctx;
ssize_t s;
assert(conn->state == STATE_WRITE_DATA);
/* no decompressed data, get more */
if (zctx->zbufpos == 0)
if (http_inflate_data(conn) == -1)
return http_failed(conn);
s = write(conn->req->outfd, zctx->zbuf, zctx->zbufpos);
if (s == -1) {
warn("%s: data write", conn_info(conn));
return http_failed(conn);
}
conn->totalsz += s;
if (conn->totalsz > MAX_CONTENTLEN) {
warn("%s: too much decompressed data offered", conn_info(conn));
return http_failed(conn);
}
/* adjust output buffer */
zctx->zbufpos -= s;
memmove(zctx->zbuf, zctx->zbuf + s, zctx->zbufpos);
/* all decompressed data written, progress input */
if (zctx->zbufpos == 0)
return http_inflate_advance(conn);
/* still more data to write in buffer */
return WANT_POLLOUT;
}
/*
* Do one IO call depending on the connection state.
* Return WANT_POLLIN or WANT_POLLOUT to poll for more data.
@ -1765,6 +1981,9 @@ http_handle(struct http_connection *conn)
case STATE_RESPONSE_CHUNKED_TRAILER:
return http_read(conn);
case STATE_WRITE_DATA:
if (conn->gzipped)
return data_inflate_write(conn);
else
return data_write(conn);
case STATE_CLOSE:
return http_close(conn);