diff --git a/games/atc/games/Atlantis b/games/atc/games/Atlantis index e5b601ddb..e077b2b86 100644 --- a/games/atc/games/Atlantis +++ b/games/atc/games/Atlantis @@ -1,3 +1,5 @@ +# $OpenBSD: Atlantis,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 5; newplane = 5; width = 30; diff --git a/games/atc/games/Game_List b/games/atc/games/Game_List index 0bc75516e..7c6185d40 100644 --- a/games/atc/games/Game_List +++ b/games/atc/games/Game_List @@ -1,3 +1,4 @@ +# $OpenBSD: Game_List,v 1.2 2024/08/23 04:26:11 deraadt Exp $ default easy crossover diff --git a/games/atc/games/Killer b/games/atc/games/Killer index f15d06023..311eadc28 100644 --- a/games/atc/games/Killer +++ b/games/atc/games/Killer @@ -1,3 +1,5 @@ +# $OpenBSD: Killer,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 1; newplane = 4; width = 30; diff --git a/games/atc/games/OHare b/games/atc/games/OHare index 1efd67971..2611f5b94 100644 --- a/games/atc/games/OHare +++ b/games/atc/games/OHare @@ -1,3 +1,5 @@ +# $OpenBSD: OHare,v 1.3 2024/08/23 04:21:18 deraadt Exp $ + update = 5; newplane = 5; width = 30; @@ -7,6 +9,11 @@ exit: ( 6 0 x ) ( 18 0 x ) ( 29 5 a ) ( 29 13 a ) ( 14 20 e ) ( 6 20 w ) ; +# +# Note: Some marker beacons at ORD were decommissioned after this file was +# written. Pilots are advised to not use the beacon information here for +# flight planning. +# beacon: ( 6 5 ) ( 18 5 ) ( 6 13 ) ; diff --git a/games/atc/games/Tic-Tac-Toe b/games/atc/games/Tic-Tac-Toe index bd1468aa5..4df0dc6b1 100644 --- a/games/atc/games/Tic-Tac-Toe +++ b/games/atc/games/Tic-Tac-Toe @@ -1,3 +1,5 @@ +# $OpenBSD: Tic-Tac-Toe,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 5; newplane = 5; width = 30; diff --git a/games/atc/games/airports b/games/atc/games/airports index 7df98df46..221775689 100644 --- a/games/atc/games/airports +++ b/games/atc/games/airports @@ -1,3 +1,5 @@ +# $OpenBSD: airports,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 6; newplane = 6; width = 30; diff --git a/games/atc/games/box b/games/atc/games/box index 8cb7ef76a..204e75c59 100644 --- a/games/atc/games/box +++ b/games/atc/games/box @@ -1,4 +1,5 @@ -update = 5; +# $OpenBSD: box,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + newplane = 6; width = 29; height = 21; diff --git a/games/atc/games/crosshatch b/games/atc/games/crosshatch index 6ceb8c0f0..038f48ad1 100644 --- a/games/atc/games/crosshatch +++ b/games/atc/games/crosshatch @@ -1,3 +1,5 @@ +# $OpenBSD: crosshatch,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 5; newplane = 5; width = 30; diff --git a/games/atc/games/crossover b/games/atc/games/crossover index d2689ffd3..bbd4e9f90 100644 --- a/games/atc/games/crossover +++ b/games/atc/games/crossover @@ -1,3 +1,5 @@ +# $OpenBSD: crossover,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 5; newplane = 5; width = 29; diff --git a/games/atc/games/default b/games/atc/games/default index e19ef9d24..b9c524697 100644 --- a/games/atc/games/default +++ b/games/atc/games/default @@ -1,3 +1,5 @@ +# $OpenBSD: default,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 5; newplane = 10; width = 30; diff --git a/games/atc/games/easy b/games/atc/games/easy index 4ab8eac0e..db8a09afd 100644 --- a/games/atc/games/easy +++ b/games/atc/games/easy @@ -1,3 +1,5 @@ +# $OpenBSD: easy,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 7; newplane = 12; width = 15; diff --git a/games/atc/games/game_2 b/games/atc/games/game_2 index 5788c8a27..d4f4feab7 100644 --- a/games/atc/games/game_2 +++ b/games/atc/games/game_2 @@ -1,3 +1,5 @@ +# $OpenBSD: game_2,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 5; newplane = 8; width = 30; diff --git a/games/atc/games/game_3 b/games/atc/games/game_3 index e610a5c96..49b306172 100644 --- a/games/atc/games/game_3 +++ b/games/atc/games/game_3 @@ -1,3 +1,5 @@ +# $OpenBSD: game_3,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 5; newplane = 5; width = 30; diff --git a/games/atc/games/game_4 b/games/atc/games/game_4 index e57d51c05..eb3f2af55 100644 --- a/games/atc/games/game_4 +++ b/games/atc/games/game_4 @@ -1,3 +1,5 @@ +# $OpenBSD: game_4,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 5; newplane = 5; width = 30; diff --git a/games/atc/games/novice b/games/atc/games/novice index 473dde50e..278608653 100644 --- a/games/atc/games/novice +++ b/games/atc/games/novice @@ -1,3 +1,5 @@ +# $OpenBSD: novice,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 6; newplane = 6; width = 30; diff --git a/games/atc/games/two-corners b/games/atc/games/two-corners index 273a12143..471c4ae38 100644 --- a/games/atc/games/two-corners +++ b/games/atc/games/two-corners @@ -1,3 +1,5 @@ +# $OpenBSD: two-corners,v 1.2 2024/08/23 04:21:18 deraadt Exp $ + update = 5; newplane = 5; width = 30; diff --git a/games/atc/main.c b/games/atc/main.c index 3b29bda3d..8c68bf3da 100644 --- a/games/atc/main.c +++ b/games/atc/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.31 2021/10/23 11:22:48 mestre Exp $ */ +/* $OpenBSD: main.c,v 1.32 2024/08/23 04:25:46 deraadt Exp $ */ /* $NetBSD: main.c,v 1.4 1995/04/27 21:22:25 mycroft Exp $ */ /*- @@ -227,11 +227,13 @@ default_game(void) warn("fopen %s", games); return (NULL); } - if (fgets(line, sizeof(line), fp) == NULL) { - warnx("%s: no default game available", games); - fclose(fp); - return (NULL); - } + do { + if (fgets(line, sizeof(line), fp) == NULL) { + warnx("%s: no default game available", games); + fclose(fp); + return (NULL); + } + } while (line[0] == '#'); fclose(fp); line[strcspn(line, "\n")] = '\0'; @@ -261,6 +263,8 @@ okay_game(const char *s) } while (fgets(line, sizeof(line), fp) != NULL) { line[strcspn(line, "\n")] = '\0'; + if (line[0] == '#') + continue; if (strcmp(s, line) == 0) { if (strlen(line) + strlen(_PATH_GAMES) >= sizeof(file)) { warnx("game name too long"); diff --git a/games/fortune/datfiles/Makefile b/games/fortune/datfiles/Makefile index 5c7de8323..6766c3ce7 100644 --- a/games/fortune/datfiles/Makefile +++ b/games/fortune/datfiles/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.7 2016/09/02 11:55:24 tb Exp $ +# $OpenBSD: Makefile,v 1.8 2024/08/23 03:25:32 deraadt Exp $ # $NetBSD: Makefile,v 1.15 1996/02/29 00:21:16 jtc Exp $ # @(#)Makefile 8.2 (Berkeley) 4/19/94 @@ -6,17 +6,10 @@ SRCS= fortunes fortunes2 startrek zippy recipes BLDS= fortunes.dat fortunes2.dat startrek.dat zippy.dat \ fortunes-o fortunes-o.dat recipes.dat -# TO INSTALL THE POTENTIALLY OFFENSIVE FORTUNES, UNCOMMENT THE THREE -# LINES AND COMMENT OUT THE FOURTH LINE. - -# THE THREE LINES SRCS+= fortunes2-o limerick BLDS+= fortunes2-o.dat limerick.dat TYPE= real -# THE FOURTH LINE -#TYPE= fake - CLEANFILES+=${BLDS} STRFILE!=cd $(.CURDIR)/../strfile; \ diff --git a/games/fortune/datfiles/fortunes-o.fake b/games/fortune/datfiles/fortunes-o.fake deleted file mode 100644 index 3b3f5a3d6..000000000 --- a/games/fortune/datfiles/fortunes-o.fake +++ /dev/null @@ -1,2 +0,0 @@ -There are no potentially offensive fortunes installed on this -system. For further details, contact your system administrator. diff --git a/games/quiz/Makefile b/games/quiz/Makefile index 75a9ba245..6a6d948c0 100644 --- a/games/quiz/Makefile +++ b/games/quiz/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.7 2024/08/22 04:34:19 mglocker Exp $ +# $OpenBSD: Makefile,v 1.8 2024/08/23 02:46:09 deraadt Exp $ PROG= quiz MAN= quiz.6 @@ -12,7 +12,7 @@ NAPHONE= ${.CURDIR}/../../share/misc/na.phone CLEANFILES+= areas areas: ${NAPHONE} - ${.CURDIR}/naphone2areas.sh ${NAPHONE} > areas + sh ${.CURDIR}/naphone2areas.sh ${NAPHONE} > areas afterinstall: areas (cd ${.CURDIR}/datfiles; ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} \ diff --git a/games/quiz/datfiles/ed b/games/quiz/datfiles/ed index 6ac8e89a9..945f43ebf 100644 --- a/games/quiz/datfiles/ed +++ b/games/quiz/datfiles/ed @@ -15,7 +15,7 @@ print every "Oxygen" or "oxygen":[g|1,$g]/\[[Oo|oO]\]xygen/[p|.p] change each "BTL" in file to "Bell Laboratories" and check:\ [g|1,$g]/BTL/[s|.s]/[/|BTL/]Bell Laboratories/gp combine every even-numbered line with the next odd-numbered line:\ -2,${-{1}}g/[^|$]/[j|.,{.}+{1}j|.,.1j] +2,${-{1}}g/[^|$]/[j|.,{.}+{1}j|.,+1j] print next "SH" and following line:\ /SH/;[{.}+{1}|.1]p|/SH/,[//|/SH/][{.}+{1}|.1]p print from next "TS" to following "TE":/TS/;/TE/p diff --git a/games/quiz/datfiles/seq-easy b/games/quiz/datfiles/seq-easy index 49eba6269..69fc97cb4 100644 --- a/games/quiz/datfiles/seq-easy +++ b/games/quiz/datfiles/seq-easy @@ -1,6 +1,6 @@ 1,2,3,4,5,6:7{(integers)}:integers|[natural|counting] numbers -1,2,3,5,8,13:21{(Fibonacci)}:Fibonacci{ seq{ence}| numbers} -0,1,1,2,4,7,13:24{(Tribonacci)}:Tribonacci{ seq{ence}| numbers} +1,2,3,5,8,13:21{(Fibonacci)}:Fibonacci{ seq{uence}| numbers} +0,1,1,2,4,7,13:24{(Tribonacci)}:Tribonacci{ seq{uence}| numbers} 1,2,4,8,16,32:64{(powers of 2)}:powers of 2|2[**|^]n 1,2,6,24,120,720:5040{(factorials)}:factorials|n! 1,3,5,7,9,11:13{(odd nos.)}:odd [integ|numb]ers diff --git a/games/trek/USD.doc/spell.ok b/games/trek/USD.doc/spell.ok index 340689732..4c63422a2 100644 --- a/games/trek/USD.doc/spell.ok +++ b/games/trek/USD.doc/spell.ok @@ -13,9 +13,9 @@ Stardate Starsystem TO:02:06:12 Torpedoes -Trek''USD:34 +Trek''USD:31 U.S.S -USD:34 +USD:31 XII amt1 anual diff --git a/gnu/llvm/lldb/source/Plugins/Process/OpenBSDKernel/ProcessOpenBSDKernel.h b/gnu/llvm/lldb/source/Plugins/Process/OpenBSDKernel/ProcessOpenBSDKernel.h index 64d90a397..451a5f055 100644 --- a/gnu/llvm/lldb/source/Plugins/Process/OpenBSDKernel/ProcessOpenBSDKernel.h +++ b/gnu/llvm/lldb/source/Plugins/Process/OpenBSDKernel/ProcessOpenBSDKernel.h @@ -43,6 +43,9 @@ public: lldb_private::DynamicLoader *GetDynamicLoader() override; + // Process Queries + bool WarnBeforeDetach() const override { return false; } + protected: bool DoUpdateThreadList(lldb_private::ThreadList &old_thread_list, lldb_private::ThreadList &new_thread_list) override; diff --git a/lib/libcrypto/evp/evp_local.h b/lib/libcrypto/evp/evp_local.h index 9631992a2..3e90e068e 100644 --- a/lib/libcrypto/evp/evp_local.h +++ b/lib/libcrypto/evp/evp_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_local.h,v 1.22 2024/04/12 09:41:39 tb Exp $ */ +/* $OpenBSD: evp_local.h,v 1.23 2024/08/22 12:24:24 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -175,7 +175,6 @@ struct evp_pkey_st { #endif } pkey; int save_parameters; - STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ } /* EVP_PKEY */; struct evp_md_st { diff --git a/lib/libcrypto/evp/evp_pkey.c b/lib/libcrypto/evp/evp_pkey.c index f9100e226..dcbd51f08 100644 --- a/lib/libcrypto/evp/evp_pkey.c +++ b/lib/libcrypto/evp/evp_pkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_pkey.c,v 1.30 2024/07/14 16:06:31 tb Exp $ */ +/* $OpenBSD: evp_pkey.c,v 1.31 2024/08/22 12:21:07 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -142,49 +142,18 @@ error: LCRYPTO_ALIAS(EVP_PKEY2PKCS8); /* - * XXX - This is only used by openssl(1) pkcs12 for the Microsoft-specific - * NID_ms_csp_name and NID_LocalKeySet. This turns out to be the only reason - * why attributes hangs off the EVP_PKEY struct. + * XXX - delete all the garbage below in the next bump. */ + int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *pkey, int nid, int type, const unsigned char *bytes, int len) { - STACK_OF(X509_ATTRIBUTE) *attrs = NULL; - X509_ATTRIBUTE *attr = NULL; - int ret = 0; - - if ((attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, - bytes, len)) == NULL) - goto err; - - if ((attrs = pkey->attributes) == NULL) - attrs = sk_X509_ATTRIBUTE_new_null(); - if (attrs == NULL) - goto err; - - if (sk_X509_ATTRIBUTE_push(attrs, attr) <= 0) - goto err; - attr = NULL; - - pkey->attributes = attrs; - attrs = NULL; - - ret = 1; - - err: - X509_ATTRIBUTE_free(attr); - if (attrs != pkey->attributes) - sk_X509_ATTRIBUTE_pop_free(attrs, X509_ATTRIBUTE_free); - - return ret; + EVPerror(ERR_R_DISABLED); + return 0; } LCRYPTO_ALIAS(EVP_PKEY_add1_attr_by_NID); -/* - * XXX - delete all the garbage below in the next bump. - */ - int EVP_PKEY_get_attr_count(const EVP_PKEY *key) { diff --git a/lib/libcrypto/evp/p_lib.c b/lib/libcrypto/evp/p_lib.c index 4a6a6db4c..95c772130 100644 --- a/lib/libcrypto/evp/p_lib.c +++ b/lib/libcrypto/evp/p_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p_lib.c,v 1.60 2024/04/09 13:52:41 beck Exp $ */ +/* $OpenBSD: p_lib.c,v 1.61 2024/08/22 12:24:24 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -422,7 +422,6 @@ EVP_PKEY_free(EVP_PKEY *pkey) return; evp_pkey_free_pkey_ptr(pkey); - sk_X509_ATTRIBUTE_pop_free(pkey->attributes, X509_ATTRIBUTE_free); freezero(pkey, sizeof(*pkey)); } LCRYPTO_ALIAS(EVP_PKEY_free); diff --git a/lib/libcrypto/man/PKCS12_create.3 b/lib/libcrypto/man/PKCS12_create.3 index bc00d3df7..904166da7 100644 --- a/lib/libcrypto/man/PKCS12_create.3 +++ b/lib/libcrypto/man/PKCS12_create.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: PKCS12_create.3,v 1.12 2022/03/31 17:27:17 naddy Exp $ +.\" $OpenBSD: PKCS12_create.3,v 1.13 2024/08/22 12:26:01 tb Exp $ .\" full merge up to: OpenSSL 05ea606a May 20 20:52:46 2016 -0400 .\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 .\" @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 31 2022 $ +.Dd $Mdocdate: August 22 2024 $ .Dt PKCS12_CREATE 3 .Os .Sh NAME @@ -165,7 +165,6 @@ if an error occurred. .Sh SEE ALSO .Xr crypto 3 , .Xr d2i_PKCS12 3 , -.Xr EVP_PKEY_add1_attr 3 , .Xr PKCS12_new 3 , .Xr PKCS12_newpass 3 , .Xr PKCS12_parse 3 , diff --git a/lib/libcrypto/pkcs12/p12_crt.c b/lib/libcrypto/pkcs12/p12_crt.c index 55fb7fd63..502ccecd2 100644 --- a/lib/libcrypto/pkcs12/p12_crt.c +++ b/lib/libcrypto/pkcs12/p12_crt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p12_crt.c,v 1.25 2024/07/15 15:43:25 tb Exp $ */ +/* $OpenBSD: p12_crt.c,v 1.26 2024/08/22 12:22:42 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -69,33 +69,6 @@ static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag); -static int -copy_bag_attr(PKCS12_SAFEBAG *bag, EVP_PKEY *pkey, int nid) -{ - X509_ATTRIBUTE *attr = NULL; - const ASN1_OBJECT *obj; - int i; - - if ((obj = OBJ_nid2obj(nid)) == NULL) { - /* XXX - this seems wrong but preserves behavior. */ - return 1; - } - - for (i = 0; i < sk_X509_ATTRIBUTE_num(pkey->attributes); i++) { - attr = sk_X509_ATTRIBUTE_value(pkey->attributes, i); - if (OBJ_cmp(attr->object, obj) == 0) - break; - attr = NULL; - } - - if (attr == NULL) - return 1; - - if (!X509at_add1_attr(&bag->attrib, attr)) - return 0; - return 1; -} - PKCS12 * PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter, @@ -158,11 +131,6 @@ PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 *cert, if (!bag) goto err; - if (!copy_bag_attr(bag, pkey, NID_ms_csp_name)) - goto err; - if (!copy_bag_attr(bag, pkey, NID_LocalKeySet)) - goto err; - if (name && !PKCS12_add_friendlyname(bag, name, -1)) goto err; if (keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen)) diff --git a/regress/sys/kern/execve/doexec.c b/regress/sys/kern/execve/doexec.c index c22d49ae1..79d76d421 100644 --- a/regress/sys/kern/execve/doexec.c +++ b/regress/sys/kern/execve/doexec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: doexec.c,v 1.5 2003/09/02 23:52:17 david Exp $ */ +/* $OpenBSD: doexec.c,v 1.6 2024/08/23 02:49:20 deraadt Exp $ */ /* $NetBSD: doexec.c,v 1.3 1995/04/20 22:43:13 cgd Exp $ */ /* @@ -46,7 +46,7 @@ main(int argc, char *argv[]) } if (execve(argv[1], &argv[1], NULL) == -1) { - printf("%s\n", strerror(errno)); + printf("errno=%d\t%s\n", errno, strerror(errno)); exit(1); } diff --git a/regress/sys/kern/execve/good/badinterplen b/regress/sys/kern/execve/good/badinterplen index a0f8bc9fa..544c98199 100644 --- a/regress/sys/kern/execve/good/badinterplen +++ b/regress/sys/kern/execve/good/badinterplen @@ -1 +1 @@ -Exec format error +errno=8 Exec format error diff --git a/regress/sys/kern/execve/good/devnullscript b/regress/sys/kern/execve/good/devnullscript index fd58f1d4f..1ff7ef04b 100644 --- a/regress/sys/kern/execve/good/devnullscript +++ b/regress/sys/kern/execve/good/devnullscript @@ -1 +1 @@ -Permission denied +errno=13 Permission denied diff --git a/regress/sys/kern/execve/good/empty b/regress/sys/kern/execve/good/empty index a0f8bc9fa..544c98199 100644 --- a/regress/sys/kern/execve/good/empty +++ b/regress/sys/kern/execve/good/empty @@ -1 +1 @@ -Exec format error +errno=8 Exec format error diff --git a/regress/sys/kern/execve/good/goodaout b/regress/sys/kern/execve/good/goodaout index 774a5c0df..d446d6148 100644 --- a/regress/sys/kern/execve/good/goodaout +++ b/regress/sys/kern/execve/good/goodaout @@ -1 +1 @@ -succeeded +errno=0 succeeded diff --git a/regress/sys/kern/execve/good/goodscript b/regress/sys/kern/execve/good/goodscript index 774a5c0df..d446d6148 100644 --- a/regress/sys/kern/execve/good/goodscript +++ b/regress/sys/kern/execve/good/goodscript @@ -1 +1 @@ -succeeded +errno=0 succeeded diff --git a/regress/sys/kern/execve/good/nonexistent b/regress/sys/kern/execve/good/nonexistent index ddc886910..567cebb4a 100644 --- a/regress/sys/kern/execve/good/nonexistent +++ b/regress/sys/kern/execve/good/nonexistent @@ -1 +1 @@ -No such file or directory +errno=2 No such file or directory diff --git a/regress/sys/kern/execve/good/nonexistshell b/regress/sys/kern/execve/good/nonexistshell index ddc886910..567cebb4a 100644 --- a/regress/sys/kern/execve/good/nonexistshell +++ b/regress/sys/kern/execve/good/nonexistshell @@ -1 +1 @@ -No such file or directory +errno=2 No such file or directory diff --git a/regress/sys/kern/execve/good/scriptarg b/regress/sys/kern/execve/good/scriptarg index f3b372c72..27fa685c2 100644 --- a/regress/sys/kern/execve/good/scriptarg +++ b/regress/sys/kern/execve/good/scriptarg @@ -1,2 +1,2 @@ -+ echo succeeded -succeeded ++ echo errno=0 succeeded +errno=0 succeeded diff --git a/regress/sys/kern/execve/good/scriptarg-nospace b/regress/sys/kern/execve/good/scriptarg-nospace index f3b372c72..27fa685c2 100644 --- a/regress/sys/kern/execve/good/scriptarg-nospace +++ b/regress/sys/kern/execve/good/scriptarg-nospace @@ -1,2 +1,2 @@ -+ echo succeeded -succeeded ++ echo errno=0 succeeded +errno=0 succeeded diff --git a/regress/sys/kern/execve/good/truncaout b/regress/sys/kern/execve/good/truncaout index a0f8bc9fa..544c98199 100644 --- a/regress/sys/kern/execve/good/truncaout +++ b/regress/sys/kern/execve/good/truncaout @@ -1 +1 @@ -Exec format error +errno=8 Exec format error diff --git a/regress/sys/kern/execve/tests/goodaout.c b/regress/sys/kern/execve/tests/goodaout.c index f491db991..6863e71d0 100644 --- a/regress/sys/kern/execve/tests/goodaout.c +++ b/regress/sys/kern/execve/tests/goodaout.c @@ -1,4 +1,4 @@ -/* $OpenBSD: goodaout.c,v 1.5 2017/02/16 20:59:20 patrick Exp $ */ +/* $OpenBSD: goodaout.c,v 1.6 2024/08/23 02:49:20 deraadt Exp $ */ /* $NetBSD: goodaout.c,v 1.3 1995/04/20 22:44:20 cgd Exp $ */ /* @@ -38,6 +38,6 @@ int main(int argc, char *argv[]) { - printf("succeeded\n"); + printf("errno=0 succeeded\n"); exit(0); } diff --git a/regress/sys/kern/execve/tests/goodscript.in b/regress/sys/kern/execve/tests/goodscript.in index 331f77c65..b48292b55 100644 --- a/regress/sys/kern/execve/tests/goodscript.in +++ b/regress/sys/kern/execve/tests/goodscript.in @@ -1,5 +1,5 @@ #! /bin/csh -# $OpenBSD: goodscript.in,v 1.2 2001/01/29 02:05:56 niklas Exp $ +# $OpenBSD: goodscript.in,v 1.3 2024/08/23 02:49:20 deraadt Exp $ -echo succeeded +echo 'errno=0 succeeded' diff --git a/regress/sys/kern/execve/tests/scriptarg-nospace.in b/regress/sys/kern/execve/tests/scriptarg-nospace.in index c3fe849cb..935115878 100644 --- a/regress/sys/kern/execve/tests/scriptarg-nospace.in +++ b/regress/sys/kern/execve/tests/scriptarg-nospace.in @@ -1,5 +1,5 @@ #!/bin/sh -x -# $OpenBSD: scriptarg-nospace.in,v 1.2 2001/01/29 02:05:56 niklas Exp $ +# $OpenBSD: scriptarg-nospace.in,v 1.3 2024/08/23 02:49:20 deraadt Exp $ -echo succeeded +echo 'errno=0 succeeded' diff --git a/regress/sys/kern/execve/tests/scriptarg.in b/regress/sys/kern/execve/tests/scriptarg.in index 2c09479a4..c1e1a0826 100644 --- a/regress/sys/kern/execve/tests/scriptarg.in +++ b/regress/sys/kern/execve/tests/scriptarg.in @@ -1,5 +1,5 @@ #! /bin/sh -x -# $OpenBSD: scriptarg.in,v 1.2 2001/01/29 02:05:57 niklas Exp $ +# $OpenBSD: scriptarg.in,v 1.3 2024/08/23 02:49:20 deraadt Exp $ -echo succeeded +echo 'errno=0 succeeded' diff --git a/regress/usr.bin/ssh/rekey.sh b/regress/usr.bin/ssh/rekey.sh index 53f74baaa..1f68a1016 100644 --- a/regress/usr.bin/ssh/rekey.sh +++ b/regress/usr.bin/ssh/rekey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: rekey.sh,v 1.28 2024/08/21 10:33:27 dtucker Exp $ +# $OpenBSD: rekey.sh,v 1.29 2024/08/22 10:21:02 dtucker Exp $ # Placed in the Public Domain. tid="rekey" @@ -28,6 +28,11 @@ ssh_data_rekeying() echo "$_kexopt" >> $OBJ/sshd_proxy _opts="$_opts -o$_kexopt" fi + case "$_kexopt" in + MACs=*) + # default chacha20-poly1305 cipher has implicit MAC + _opts="$_opts -oCiphers=aes128-ctr" ;; + esac trace bytes $_bytes kex $_kexopt opts $_opts rm -f ${COPY} ${COPY2} ${LOG} # Create data file just big enough to reach rekey threshold. @@ -40,16 +45,22 @@ ssh_data_rekeying() cmp ${COPY} ${COPY2} || fail "corrupted copy ($@)" n=`grep 'NEWKEYS sent' ${LOG} | wc -l` n=`expr $n - 1` + _want=`echo $_kexopt | cut -f2 -d=` + _got="" case "$_kexopt" in - KexAlgorithms*) - _want=`echo $_kexopt | cut -f2 -d=` + KexAlgorithms=*) _got=`awk '/kex: algorithm: /{print $4}' ${LOG} | \ - tr -d '\r' | sort -u` - if [ "$_want" != "$_got" ]; then - fail "expected kex $_want, got $_got" - fi - ;; + tr -d '\r' | sort -u` ;; + Ciphers=*) + _got=`awk '/kex: client->server cipher:/{print $5}' ${LOG} | \ + tr -d '\r' | sort -u` ;; + MACs=*) + _got=`awk '/kex: client->server cipher:/{print $7}' ${LOG} | \ + tr -d '\r' | sort -u` ;; esac + if [ "$_want" != "$_got" ]; then + fail "unexpected algorithm, want $_want, got $_got" + fi trace "$n rekeying(s)" if [ $n -lt 1 ]; then fail "no rekeying occurred ($@)" diff --git a/sys/arch/amd64/amd64/bus_dma.c b/sys/arch/amd64/amd64/bus_dma.c index c29501ad7..070c3429b 100644 --- a/sys/arch/amd64/amd64/bus_dma.c +++ b/sys/arch/amd64/amd64/bus_dma.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bus_dma.c,v 1.56 2024/08/20 15:30:29 bluhm Exp $ */ +/* $OpenBSD: bus_dma.c,v 1.57 2024/08/22 11:36:24 bluhm Exp $ */ /* $NetBSD: bus_dma.c,v 1.3 2003/05/07 21:33:58 fvdl Exp $ */ /*- @@ -499,7 +499,7 @@ _bus_dmamap_sync(bus_dma_tag_t t, bus_dmamap_t map, bus_addr_t addr, if (!use_bounce_buffer) return; - for (i = map->_dm_segcnt, sg = map->dm_segs; size && i--; sg++) { + for (i = map->_dm_segcnt, sg = map->dm_segs; size && i; i--, sg++) { if (off >= sg->ds_len) { off -= sg->ds_len; continue; @@ -767,9 +767,11 @@ _bus_dmamap_load_buffer(bus_dma_tag_t t, bus_dmamap_t map, void *buf, map->_dm_maxsegsz && (map->_dm_boundary == 0 || (map->dm_segs[seg].ds_addr & bmask) == - (curaddr & bmask))) + (curaddr & bmask)) && + (!use_bounce_buffer || (map->dm_segs[seg]._ds_va + + map->dm_segs[seg].ds_len) == vaddr)) { map->dm_segs[seg].ds_len += sgsize; - else { + } else { if (++seg >= map->_dm_segcnt) break; map->dm_segs[seg].ds_addr = curaddr; diff --git a/sys/dev/dt/dt_dev.c b/sys/dev/dt/dt_dev.c index 98b11fff6..729688961 100644 --- a/sys/dev/dt/dt_dev.c +++ b/sys/dev/dt/dt_dev.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dt_dev.c,v 1.35 2024/08/21 09:27:37 mpi Exp $ */ +/* $OpenBSD: dt_dev.c,v 1.36 2024/08/22 10:08:25 mvs Exp $ */ /* * Copyright (c) 2019 Martin Pieuchot @@ -88,6 +88,7 @@ * to keep track of enabled PCBs. * * Locks used to protect struct members in this file: + * a atomic * m per-softc mutex * K kernel lock */ @@ -119,7 +120,7 @@ SIMPLEQ_HEAD(, dt_probe) dt_probe_list; /* [I] list of probes */ struct rwlock dt_lock = RWLOCK_INITIALIZER("dtlk"); volatile uint32_t dt_tracing = 0; /* [K] # of processes tracing */ -int allowdt; +int allowdt; /* [a] */ void dtattach(struct device *, struct device *, void *); int dtopen(dev_t, int, int, struct proc *); @@ -162,7 +163,7 @@ dtopen(dev_t dev, int flags, int mode, struct proc *p) struct dt_softc *sc; int unit = minor(dev); - if (!allowdt) + if (atomic_load_int(&allowdt) == 0) return EPERM; sc = malloc(sizeof(*sc), M_DEVBUF, M_WAITOK|M_CANFAIL|M_ZERO); diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c index a528d77fd..aca80b54c 100644 --- a/sys/kern/kern_sysctl.c +++ b/sys/kern/kern_sysctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_sysctl.c,v 1.442 2024/08/20 13:29:25 mvs Exp $ */ +/* $OpenBSD: kern_sysctl.c,v 1.444 2024/08/23 01:31:04 mvs Exp $ */ /* $NetBSD: kern_sysctl.c,v 1.17 1996/05/20 17:49:05 mrg Exp $ */ /*- @@ -134,6 +134,7 @@ extern int autoconf_serial; int allowkmem; +int sysctl_securelevel(void *, size_t *, void *, size_t, struct proc *); int sysctl_diskinit(int, struct proc *); int sysctl_proc_args(int *, u_int, void *, size_t *, struct proc *); int sysctl_proc_cwd(int *, u_int, void *, size_t *, struct proc *); @@ -486,7 +487,7 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, switch (name[0]) { #if NAUDIO > 0 case KERN_AUDIO: - return (sysctl_audio(name, namelen, oldp, oldlenp, + return (sysctl_audio(name + 1, namelen - 1, oldp, oldlenp, newp, newlen)); #endif default: @@ -513,6 +514,11 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, return (sysctl_rdstring(oldp, oldlenp, newp, version)); case KERN_NUMVNODES: /* XXX numvnodes is a long */ return (sysctl_rdint(oldp, oldlenp, newp, numvnodes)); +#if NDT > 0 + case KERN_ALLOWDT: + return (sysctl_securelevel_int(oldp, oldlenp, newp, newlen, + &allowdt)); +#endif case KERN_HOSTID: return (sysctl_int(oldp, oldlenp, newp, newlen, &hostid)); case KERN_CLOCKRATE: @@ -596,26 +602,13 @@ int kern_sysctl_locked(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, size_t newlen, struct proc *p) { - int error, level, stackgap; + int error, stackgap; dev_t dev; extern int pool_debug; switch (name[0]) { case KERN_SECURELVL: - level = securelevel; - if ((error = sysctl_int(oldp, oldlenp, newp, newlen, &level)) || - newp == NULL) - return (error); - if ((securelevel > 0 || level < -1) && - level < securelevel && p->p_p->ps_pid != 1) - return (EPERM); - securelevel = level; - return (0); -#if NDT > 0 - case KERN_ALLOWDT: - return (sysctl_securelevel_int(oldp, oldlenp, newp, newlen, - &allowdt)); -#endif + return (sysctl_securelevel(oldp, oldlenp, newp, newlen, p)); case KERN_ALLOWKMEM: return (sysctl_securelevel_int(oldp, oldlenp, newp, newlen, &allowkmem)); @@ -1123,6 +1116,45 @@ sysctl_rdint(void *oldp, size_t *oldlenp, void *newp, int val) return (error); } +int +sysctl_securelevel(void *oldp, size_t *oldlenp, void *newp, size_t newlen, + struct proc *p) +{ + int oldval, newval; + int error; + + if (oldp && *oldlenp < sizeof(int)) + return (ENOMEM); + if (newp && newlen != sizeof(int)) + return (EINVAL); + *oldlenp = sizeof(int); + + if (newp) { + if ((error = copyin(newp, &newval, sizeof(int)))) + return (error); + do { + oldval = atomic_load_int(&securelevel); + if ((oldval > 0 || newval < -1) && newval < oldval && + p->p_p->ps_pid != 1) + return (EPERM); + } while (atomic_cas_uint(&securelevel, oldval, newval) != + oldval); + + if (oldp) { + /* new value has been set although user gets error */ + if ((error = copyout(&oldval, oldp, sizeof(int)))) + return (error); + } + } else if (oldp) { + oldval = atomic_load_int(&securelevel); + + if ((error = copyout(&oldval, oldp, sizeof(int)))) + return (error); + } + + return (0); +} + /* * Selects between sysctl_rdint and sysctl_int according to securelevel. */ @@ -1130,7 +1162,7 @@ int sysctl_securelevel_int(void *oldp, size_t *oldlenp, void *newp, size_t newlen, int *valp) { - if (securelevel > 0) + if (atomic_load_int(&securelevel) > 0) return (sysctl_rdint(oldp, oldlenp, newp, *valp)); return (sysctl_int(oldp, oldlenp, newp, newlen, valp)); } diff --git a/sys/netinet/in_proto.c b/sys/netinet/in_proto.c index cd64f1777..80889ddfb 100644 --- a/sys/netinet/in_proto.c +++ b/sys/netinet/in_proto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: in_proto.c,v 1.112 2024/08/21 12:53:36 mvs Exp $ */ +/* $OpenBSD: in_proto.c,v 1.113 2024/08/22 10:58:31 mvs Exp $ */ /* $NetBSD: in_proto.c,v 1.14 1996/02/18 18:58:32 christos Exp $ */ /* @@ -230,7 +230,7 @@ const struct protosw inetsw[] = { .pr_type = SOCK_RAW, .pr_domain = &inetdomain, .pr_protocol = IPPROTO_IPV4, - .pr_flags = PR_ATOMIC|PR_ADDR|PR_MPSOCKET, + .pr_flags = PR_ATOMIC|PR_ADDR|PR_MPSOCKET|PR_MPSYSCTL, #if NGIF > 0 .pr_input = in_gif_input, #else diff --git a/sys/netinet/ip_ipip.c b/sys/netinet/ip_ipip.c index 67434ca1f..cce51da22 100644 --- a/sys/netinet/ip_ipip.c +++ b/sys/netinet/ip_ipip.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipip.c,v 1.104 2024/08/21 12:53:36 mvs Exp $ */ +/* $OpenBSD: ip_ipip.c,v 1.105 2024/08/22 10:58:31 mvs Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -72,6 +72,11 @@ #include #endif +/* + * Locks used to protect data: + * a atomic + */ + #ifdef ENCDEBUG #define DPRINTF(fmt, args...) \ do { \ @@ -87,7 +92,7 @@ * We can control the acceptance of IP4 packets by altering the sysctl * net.inet.ipip.allow value. Zero means drop them, all else is acceptance. */ -int ipip_allow = 0; +int ipip_allow = 0; /* [a] */ struct cpumem *ipipcounters; @@ -104,9 +109,10 @@ int ipip_input(struct mbuf **mp, int *offp, int nxt, int af) { struct ifnet *ifp; + int ipip_allow_local = atomic_load_int(&ipip_allow); /* If we do not accept IP-in-IP explicitly, drop. */ - if (!ipip_allow && ((*mp)->m_flags & (M_AUTH|M_CONF)) == 0) { + if (ipip_allow_local == 0 && ((*mp)->m_flags & (M_AUTH|M_CONF)) == 0) { DPRINTF("dropped due to policy"); ipipstat_inc(ipips_pdrops); m_freemp(mp); @@ -118,7 +124,7 @@ ipip_input(struct mbuf **mp, int *offp, int nxt, int af) m_freemp(mp); return IPPROTO_DONE; } - nxt = ipip_input_if(mp, offp, nxt, af, ifp); + nxt = ipip_input_if(mp, offp, nxt, af, ipip_allow_local, ifp); if_put(ifp); return nxt; @@ -133,7 +139,7 @@ ipip_input(struct mbuf **mp, int *offp, int nxt, int af) */ int -ipip_input_if(struct mbuf **mp, int *offp, int proto, int oaf, +ipip_input_if(struct mbuf **mp, int *offp, int proto, int oaf, int allow, struct ifnet *ifp) { struct mbuf *m = *mp; @@ -271,7 +277,7 @@ ipip_input_if(struct mbuf **mp, int *offp, int proto, int oaf, } /* Check for local address spoofing. */ - if (!(ifp->if_flags & IFF_LOOPBACK) && ipip_allow != 2) { + if (!(ifp->if_flags & IFF_LOOPBACK) && allow != 2) { struct sockaddr_storage ss; struct rtentry *rt; @@ -584,19 +590,14 @@ int ipip_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, size_t newlen) { - int error; - /* All sysctl names at this level are terminal. */ if (namelen != 1) return (ENOTDIR); switch (name[0]) { case IPIPCTL_ALLOW: - NET_LOCK(); - error = sysctl_int_bounded(oldp, oldlenp, newp, newlen, - &ipip_allow, 0, 2); - NET_UNLOCK(); - return (error); + return (sysctl_int_bounded(oldp, oldlenp, newp, newlen, + &ipip_allow, 0, 2)); case IPIPCTL_STATS: return (ipip_sysctl_ipipstat(oldp, oldlenp, newp)); default: diff --git a/sys/netinet/ip_ipip.h b/sys/netinet/ip_ipip.h index f9d044984..adf422199 100644 --- a/sys/netinet/ip_ipip.h +++ b/sys/netinet/ip_ipip.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipip.h,v 1.13 2021/10/13 14:36:31 bluhm Exp $ */ +/* $OpenBSD: ip_ipip.h,v 1.14 2024/08/22 10:58:31 mvs Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -114,7 +114,7 @@ struct tdb; void ipip_init(void); int ipip_input(struct mbuf **, int *, int, int); -int ipip_input_if(struct mbuf **, int *, int, int, struct ifnet *); +int ipip_input_if(struct mbuf **, int *, int, int, int, struct ifnet *); int ipip_output(struct mbuf **, struct tdb *); int ipip_sysctl(int *, u_int, void *, size_t *, void *, size_t); diff --git a/usr.bin/openssl/openssl.1 b/usr.bin/openssl/openssl.1 index c185c7ebf..d06eeec87 100644 --- a/usr.bin/openssl/openssl.1 +++ b/usr.bin/openssl/openssl.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: openssl.1,v 1.158 2024/08/12 15:34:58 job Exp $ +.\" $OpenBSD: openssl.1,v 1.159 2024/08/22 12:15:07 tb Exp $ .\" ==================================================================== .\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. .\" @@ -110,7 +110,7 @@ .\" copied and put under another distribution licence .\" [including the GNU Public Licence.] .\" -.Dd $Mdocdate: August 12 2024 $ +.Dd $Mdocdate: August 22 2024 $ .Dt OPENSSL 1 .Os .Sh NAME @@ -3084,7 +3084,6 @@ It is recommended that des3 is used. .Op Fl certpbe Ar alg .Op Fl chain .Op Fl clcerts -.Op Fl CSP Ar name .Op Fl descert .Op Fl export .Op Fl in Ar file @@ -3093,7 +3092,6 @@ It is recommended that des3 is used. .Op Fl keyex .Op Fl keypbe Ar alg .Op Fl keysig -.Op Fl LMK .Op Fl macalg Ar alg .Op Fl maciter .Op Fl name Ar name @@ -3202,10 +3200,6 @@ For interoperability reasons it is advisable to only use PKCS#12 algorithms. Include the entire certificate chain of the user certificate. The standard CA store is used for this search. If the search fails, it is considered a fatal error. -.It Fl CSP Ar name -Write -.Ar name -as a Microsoft CSP name. .It Fl descert Encrypt the certificate using triple DES; this may render the PKCS#12 file unreadable by some @@ -3237,8 +3231,6 @@ option marks the key for signing only. Signing only keys can be used for S/MIME signing, authenticode (ActiveX control signing) and SSL client authentication. -.It Fl LMK -Add local machine keyset attribute to private key. .It Fl macalg Ar alg Specify the MAC digest algorithm. The default is SHA1. diff --git a/usr.bin/openssl/pkcs12.c b/usr.bin/openssl/pkcs12.c index c8706904f..69e230eff 100644 --- a/usr.bin/openssl/pkcs12.c +++ b/usr.bin/openssl/pkcs12.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs12.c,v 1.27 2024/02/28 17:04:38 tb Exp $ */ +/* $OpenBSD: pkcs12.c,v 1.28 2024/08/22 12:14:33 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -93,14 +93,12 @@ static int alg_print(BIO *x, const X509_ALGOR *alg); static int set_pbe(BIO *err, int *ppbe, const char *str); static struct { - int add_lmk; char *CAfile; STACK_OF(OPENSSL_STRING) *canames; char *CApath; int cert_pbe; char *certfile; int chain; - char *csp_name; const EVP_CIPHER *enc; int export_cert; int key_pbe; @@ -321,13 +319,6 @@ static const struct option pkcs12_options[] = { .opt.value = &cfg.options, .value = CLCERTS, }, - { - .name = "CSP", - .argname = "name", - .desc = "Microsoft CSP name", - .type = OPTION_ARG, - .opt.arg = &cfg.csp_name, - }, { .name = "descert", .desc = "Encrypt PKCS#12 certificates with triple DES (default RC2-40)", @@ -383,12 +374,6 @@ static const struct option pkcs12_options[] = { .opt.value = &cfg.keytype, .value = KEY_SIG, }, - { - .name = "LMK", - .desc = "Add local machine keyset attribute to private key", - .type = OPTION_FLAG, - .opt.flag = &cfg.add_lmk, - }, { .name = "macalg", .argname = "alg", @@ -719,15 +704,6 @@ pkcs12_main(int argc, char **argv) X509_alias_set1(sk_X509_value(certs, i), catmp, -1); } - if (cfg.csp_name != NULL && key != NULL) - EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name, - MBSTRING_ASC, - (unsigned char *) cfg.csp_name, -1); - - if (cfg.add_lmk && key != NULL) - EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, - -1); - if (!cfg.noprompt && EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1)) { diff --git a/usr.bin/sndiod/dev.c b/usr.bin/sndiod/dev.c index 47d13152e..0f19f6ebe 100644 --- a/usr.bin/sndiod/dev.c +++ b/usr.bin/sndiod/dev.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dev.c,v 1.117 2024/06/01 09:44:10 ratchov Exp $ */ +/* $OpenBSD: dev.c,v 1.118 2024/08/23 01:19:33 jsg Exp $ */ /* * Copyright (c) 2008-2012 Alexandre Ratchov * @@ -2297,7 +2297,7 @@ ctlslot_visible(struct ctlslot *s, struct ctl *c) if (strcmp(c->node0.name, "server") == 0 && strcmp(c->func, "device") == 0) return 0; - /* FALLTHROUHG */ + /* FALLTHROUGH */ case CTL_DEV_MASTER: return (s->opt->dev == c->u.any.arg0); case CTL_OPT_DEV: diff --git a/usr.bin/ssh/kex-names.c b/usr.bin/ssh/kex-names.c index 7eebc7a56..82ff37344 100644 --- a/usr.bin/ssh/kex-names.c +++ b/usr.bin/ssh/kex-names.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex-names.c,v 1.1 2024/05/17 00:32:32 djm Exp $ */ +/* $OpenBSD: kex-names.c,v 1.2 2024/08/22 23:11:30 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -70,6 +70,8 @@ static const struct kexalg kexalgs[] = { { KEX_CURVE25519_SHA256_OLD, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 }, { KEX_SNTRUP761X25519_SHA512, KEX_KEM_SNTRUP761X25519_SHA512, 0, SSH_DIGEST_SHA512 }, + { KEX_SNTRUP761X25519_SHA512_OLD, KEX_KEM_SNTRUP761X25519_SHA512, 0, + SSH_DIGEST_SHA512 }, { NULL, 0, -1, -1}, }; diff --git a/usr.bin/ssh/kex.h b/usr.bin/ssh/kex.h index ca8d5aa47..0d66b87a9 100644 --- a/usr.bin/ssh/kex.h +++ b/usr.bin/ssh/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.123 2024/05/17 00:30:23 djm Exp $ */ +/* $OpenBSD: kex.h,v 1.124 2024/08/22 23:11:30 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -55,7 +55,8 @@ #define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521" #define KEX_CURVE25519_SHA256 "curve25519-sha256" #define KEX_CURVE25519_SHA256_OLD "curve25519-sha256@libssh.org" -#define KEX_SNTRUP761X25519_SHA512 "sntrup761x25519-sha512@openssh.com" +#define KEX_SNTRUP761X25519_SHA512 "sntrup761x25519-sha512" +#define KEX_SNTRUP761X25519_SHA512_OLD "sntrup761x25519-sha512@openssh.com" #define COMP_NONE 0 /* pre-auth compression (COMP_ZLIB) is only supported in the client */ diff --git a/usr.bin/ssh/myproposal.h b/usr.bin/ssh/myproposal.h index ee6e9f741..bef656908 100644 --- a/usr.bin/ssh/myproposal.h +++ b/usr.bin/ssh/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.71 2022/03/30 21:13:23 djm Exp $ */ +/* $OpenBSD: myproposal.h,v 1.72 2024/08/22 23:11:30 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -25,6 +25,7 @@ */ #define KEX_SERVER_KEX \ + "sntrup761x25519-sha512," \ "sntrup761x25519-sha512@openssh.com," \ "curve25519-sha256," \ "curve25519-sha256@libssh.org," \ diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5 index 874874bd0..81dccf8a5 100644 --- a/usr.bin/ssh/ssh_config.5 +++ b/usr.bin/ssh/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.398 2024/07/14 10:19:23 jsg Exp $ -.Dd $Mdocdate: July 14 2024 $ +.\" $OpenBSD: ssh_config.5,v 1.399 2024/08/22 23:11:30 djm Exp $ +.Dd $Mdocdate: August 22 2024 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1282,7 +1282,7 @@ default set. .Pp The default is: .Bd -literal -offset indent -sntrup761x25519-sha512@openssh.com, +sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com, curve25519-sha256,curve25519-sha256@libssh.org, ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diff --git a/usr.bin/ssh/sshd_config.5 b/usr.bin/ssh/sshd_config.5 index 9170c4892..d42ca0ead 100644 --- a/usr.bin/ssh/sshd_config.5 +++ b/usr.bin/ssh/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.368 2024/07/26 15:24:49 naddy Exp $ -.Dd $Mdocdate: July 26 2024 $ +.\" $OpenBSD: sshd_config.5,v 1.369 2024/08/22 23:11:30 djm Exp $ +.Dd $Mdocdate: August 22 2024 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -1051,12 +1051,14 @@ ecdh-sha2-nistp384 .It ecdh-sha2-nistp521 .It +sntrup761x25519-sha512 +.It sntrup761x25519-sha512@openssh.com .El .Pp The default is: .Bd -literal -offset indent -sntrup761x25519-sha512@openssh.com, +sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com, curve25519-sha256,curve25519-sha256@libssh.org, ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, diffie-hellman-group-exchange-sha256, diff --git a/usr.bin/tmux/key-string.c b/usr.bin/tmux/key-string.c index 0c96738bb..856c974fb 100644 --- a/usr.bin/tmux/key-string.c +++ b/usr.bin/tmux/key-string.c @@ -1,4 +1,4 @@ -/* $OpenBSD: key-string.c,v 1.73 2024/08/22 05:39:55 nicm Exp $ */ +/* $OpenBSD: key-string.c,v 1.74 2024/08/22 09:05:51 nicm Exp $ */ /* * Copyright (c) 2007 Nicholas Marriott @@ -277,7 +277,6 @@ key_string_lookup_string(const char *string) } free(udp); return (uc); - } /* Check for short Ctrl key. */ diff --git a/usr.bin/tmux/status.c b/usr.bin/tmux/status.c index 17c7d4e69..ad7208ef1 100644 --- a/usr.bin/tmux/status.c +++ b/usr.bin/tmux/status.c @@ -1,4 +1,4 @@ -/* $OpenBSD: status.c,v 1.244 2024/08/21 05:03:13 nicm Exp $ */ +/* $OpenBSD: status.c,v 1.245 2024/08/22 09:05:51 nicm Exp $ */ /* * Copyright (c) 2007 Nicholas Marriott @@ -607,6 +607,8 @@ status_prompt_set(struct client *c, struct cmd_find_state *fs, struct format_tree *ft; char *tmp; + server_client_clear_overlay(c); + if (fs != NULL) ft = format_create_from_state(NULL, c, fs); else diff --git a/usr.bin/tmux/tmux.1 b/usr.bin/tmux/tmux.1 index 80d137b44..0890ffafb 100644 --- a/usr.bin/tmux/tmux.1 +++ b/usr.bin/tmux/tmux.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: tmux.1,v 1.950 2024/08/21 05:06:45 nicm Exp $ +.\" $OpenBSD: tmux.1,v 1.951 2024/08/22 09:05:51 nicm Exp $ .\" .\" Copyright (c) 2007 Nicholas Marriott .\" @@ -14,7 +14,7 @@ .\" IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: August 21 2024 $ +.Dd $Mdocdate: August 22 2024 $ .Dt TMUX 1 .Os .Sh NAME @@ -4491,9 +4491,9 @@ Set the character used to fill areas of the terminal unused by a window. .It Ic main-pane-height Ar height .It Ic main-pane-width Ar width Set the width or height of the main (left or top) pane in the -.Ic main-horizontal, -.Ic main-horizontal-mirrored, -.Ic main-vertical, +.Ic main-horizontal , +.Ic main-horizontal-mirrored , +.Ic main-vertical , or .Ic main-vertical-mirrored layouts. diff --git a/usr.sbin/bgpctl/parser.c b/usr.sbin/bgpctl/parser.c index ee8691774..e35a952b4 100644 --- a/usr.sbin/bgpctl/parser.c +++ b/usr.sbin/bgpctl/parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.c,v 1.136 2024/08/21 09:17:05 florian Exp $ */ +/* $OpenBSD: parser.c,v 1.137 2024/08/22 08:17:54 florian Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -1325,7 +1325,7 @@ parseextvalue(int type, char *s, uint32_t *v, uint32_t *flag) *v = uval | (uvalh << 16); break; case EXT_COMMUNITY_TRANS_IPV4: - if (inet_pton(AF_INET, s, &ip) == 0) + if (inet_pton(AF_INET, s, &ip) != 1) errx(1, "Bad ext-community %s not parseable", s); *v = ntohl(ip.s_addr); break; diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y index d8841db36..29af28a31 100644 --- a/usr.sbin/bgpd/parse.y +++ b/usr.sbin/bgpd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.466 2024/08/21 09:17:05 florian Exp $ */ +/* $OpenBSD: parse.y,v 1.467 2024/08/22 08:17:54 florian Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer @@ -4503,7 +4503,7 @@ parseextvalue(int type, char *s, uint32_t *v, uint32_t *flag) *v = uval | (uvalh << 16); break; case EXT_COMMUNITY_TRANS_IPV4: - if (inet_pton(AF_INET, s, &ip) == 0) { + if (inet_pton(AF_INET, s, &ip) != 1) { yyerror("Bad ext-community %s not parseable", s); return (-1); } diff --git a/usr.sbin/cron/entry.c b/usr.sbin/cron/entry.c index 622e62869..3e09a1496 100644 --- a/usr.sbin/cron/entry.c +++ b/usr.sbin/cron/entry.c @@ -1,4 +1,4 @@ -/* $OpenBSD: entry.c,v 1.60 2024/08/19 15:08:21 millert Exp $ */ +/* $OpenBSD: entry.c,v 1.61 2024/08/23 00:58:04 millert Exp $ */ /* * Copyright 1988,1990,1993,1994 by Paul Vixie @@ -68,7 +68,7 @@ static const char *DowNames[] = { static int get_list(bitstr_t *, int, int, const char *[], int, FILE *), get_range(bitstr_t *, int, int, const char *[], int, FILE *), - get_number(int *, int, const char *[], int, FILE *, const char *), + get_number(int *, int, int, const char *[], int, FILE *, const char *), set_element(bitstr_t *, int, int, int), set_range(bitstr_t *, int, int, int, int, int); @@ -489,7 +489,7 @@ get_range(bitstr_t *bits, int low, int high, const char *names[], return (EOF); } else { if (ch != '~') { - ch = get_number(&num1, low, names, ch, file, ",-~ \t\n"); + ch = get_number(&num1, low, high, names, ch, file, ",-~ \t\n"); if (ch == EOF) return (EOF); } @@ -504,7 +504,7 @@ get_range(bitstr_t *bits, int low, int high, const char *names[], /* get the number following the dash */ - ch = get_number(&num2, low, names, ch, file, "/, \t\n"); + ch = get_number(&num2, low, high, names, ch, file, "/, \t\n"); if (ch == EOF || num1 > num2) return (EOF); break; @@ -517,7 +517,7 @@ get_range(bitstr_t *bits, int low, int high, const char *names[], /* get the (optional) number following the tilde */ - ch = get_number(&num2, low, names, ch, file, "/, \t\n"); + ch = get_number(&num2, low, high, names, ch, file, "/, \t\n"); if (ch == EOF) { /* no second number, check for valid terminator */ @@ -563,6 +563,8 @@ get_range(bitstr_t *bits, int low, int high, const char *names[], /* check for step size */ if (ch == '/') { + const int max_step = high + 1 - low; + /* eat the slash */ ch = get_char(file); @@ -574,7 +576,7 @@ get_range(bitstr_t *bits, int low, int high, const char *names[], * element id, it's a step size. 'low' is * sent as a 0 since there is no offset either. */ - ch = get_number(&num3, 0, NULL, ch, file, ", \t\n"); + ch = get_number(&num3, 0, max_step, NULL, ch, file, ", \t\n"); if (ch == EOF || num3 == 0) return (EOF); if (rndstep) { @@ -604,8 +606,8 @@ get_range(bitstr_t *bits, int low, int high, const char *names[], } static int -get_number(int *numptr, int low, const char *names[], int ch, FILE *file, - const char *terms) +get_number(int *numptr, int low, int high, const char *names[], int ch, + FILE *file, const char *terms) { char temp[MAX_TEMPSTR], *pc; int len, i; @@ -622,11 +624,13 @@ get_number(int *numptr, int low, const char *names[], int ch, FILE *file, } *pc = '\0'; if (len != 0) { + const char *errstr; + /* got a number, check for valid terminator */ if (!strchr(terms, ch)) goto bad; - i = atoi(temp); - if (i < 0) + i = strtonum(temp, low, high, &errstr); + if (errstr != NULL) goto bad; *numptr = i; return (ch); @@ -678,9 +682,11 @@ set_range(bitstr_t *bits, int low, int high, int start, int stop, int step) start -= low; stop -= low; - if (step <= 1 || step > stop) { + if (step <= 1) { bit_nset(bits, start, stop); } else { + if (step > stop + 1) + return (EOF); for (i = start; i <= stop; i += step) bit_set(bits, i); } diff --git a/usr.sbin/eigrpd/parse.y b/usr.sbin/eigrpd/parse.y index 76118b407..56487cdee 100644 --- a/usr.sbin/eigrpd/parse.y +++ b/usr.sbin/eigrpd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.33 2024/08/21 09:20:36 florian Exp $ */ +/* $OpenBSD: parse.y,v 1.34 2024/08/22 08:17:54 florian Exp $ */ /* * Copyright (c) 2015 Renato Westphal @@ -223,7 +223,7 @@ varset : STRING '=' string { ; conf_main : ROUTERID STRING { - if (!inet_pton(AF_INET, $2, &conf->rtr_id)) { + if (inet_pton(AF_INET, $2, &conf->rtr_id) != 1) { yyerror("error parsing router-id"); free($2); YYERROR; diff --git a/usr.sbin/ldpd/parse.y b/usr.sbin/ldpd/parse.y index d35621cc1..2c5f4cf49 100644 --- a/usr.sbin/ldpd/parse.y +++ b/usr.sbin/ldpd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.73 2024/08/21 09:17:56 florian Exp $ */ +/* $OpenBSD: parse.y,v 1.74 2024/08/22 08:17:54 florian Exp $ */ /* * Copyright (c) 2013, 2015, 2016 Renato Westphal @@ -203,7 +203,7 @@ string : string STRING { ; routerid : STRING { - if (!inet_pton(AF_INET, $1, &$$)) { + if (inet_pton(AF_INET, $1, &$$) != 1) { yyerror("%s: error parsing router id", $1); free($1); YYERROR; diff --git a/usr.sbin/lpr/SMM.doc/spell.ok b/usr.sbin/lpr/SMM.doc/spell.ok index c7120549b..5b030e659 100644 --- a/usr.sbin/lpr/SMM.doc/spell.ok +++ b/usr.sbin/lpr/SMM.doc/spell.ok @@ -8,9 +8,9 @@ Eprinter LPC LPD Lpd -Manual''SMM:5 +Manual''SMM:7 SIGINT -SMM:5 +SMM:7 Topq XTABS adm diff --git a/usr.sbin/npppd/common/addr_range.c b/usr.sbin/npppd/common/addr_range.c index d81e4b318..4f8897268 100644 --- a/usr.sbin/npppd/common/addr_range.c +++ b/usr.sbin/npppd/common/addr_range.c @@ -1,4 +1,4 @@ -/* $OpenBSD: addr_range.c,v 1.7 2024/02/26 08:25:51 yasuoka Exp $ */ +/* $OpenBSD: addr_range.c,v 1.8 2024/08/22 07:56:47 florian Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. * All rights reserved. @@ -56,13 +56,14 @@ * Author: * Yasuoka Masahiko * - * $Id: addr_range.c,v 1.7 2024/02/26 08:25:51 yasuoka Exp $ + * $Id: addr_range.c,v 1.8 2024/08/22 07:56:47 florian Exp $ */ #ifdef ADDR_RANGE_DEBUG #define IIJDEBUG #endif #include +#include #include #include @@ -264,23 +265,23 @@ in_addr_range_list_add(struct in_addr_range **list, const char *str) is_maskaddr = 1; } - if (inet_aton(p0, &a0) != 1) { + if (inet_pton(AF_INET, p0, &a0) != 1) { if (errno == 0) errno = EINVAL; #ifdef IIJDEBUG saved_errno = errno; - log_printf(LOG_DL_1, "inet_aton(%s) failed: %m", p0); + log_printf(LOG_DL_1, "inet_pton(%s) failed: %m", p0); errno = saved_errno; #endif free(p0); return -1; } - if ((is_range || is_maskaddr) && inet_aton(p1, &a1) != 1) { + if ((is_range || is_maskaddr) && inet_pton(AF_INET, p1, &a1) != 1) { if (errno == 0) errno = EINVAL; #ifdef IIJDEBUG saved_errno = errno; - log_printf(LOG_DL_1, "inet_aton(%s) failed: %m", p1); + log_printf(LOG_DL_1, "inet_pton(%s) failed: %m", p1); errno = saved_errno; #endif free(p0); diff --git a/usr.sbin/npppd/npppd/npppd_subr.c b/usr.sbin/npppd/npppd/npppd_subr.c index e24789b34..7096ebb26 100644 --- a/usr.sbin/npppd/npppd/npppd_subr.c +++ b/usr.sbin/npppd/npppd/npppd_subr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: npppd_subr.c,v 1.21 2021/03/29 03:54:39 yasuoka Exp $ */ +/* $OpenBSD: npppd_subr.c,v 1.22 2024/08/22 07:56:47 florian Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -108,7 +108,7 @@ load_resolv_conf(struct in_addr *pri, struct in_addr *sec) addr = pri; else addr = sec; - if (inet_aton(ap, addr) != 1) { + if (inet_pton(AF_INET, ap, addr) != 1) { /* * FIXME: If configured IPv6, it may have IPv6 * FIXME: address. For the present, continue. diff --git a/usr.sbin/npppd/npppd/parse.y b/usr.sbin/npppd/npppd/parse.y index fd8bb0d29..4c1c894ce 100644 --- a/usr.sbin/npppd/npppd/parse.y +++ b/usr.sbin/npppd/npppd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.30 2024/07/17 08:26:19 yasuoka Exp $ */ +/* $OpenBSD: parse.y,v 1.31 2024/08/22 07:56:47 florian Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer @@ -639,7 +639,7 @@ addressport : address optport { ; in4_addr : STRING { - if (inet_aton($1, &($$)) != 1) { + if (inet_pton(AF_INET, $1, &($$)) != 1) { yyerror("could not parse the address %s", $1); free($1); YYERROR; diff --git a/usr.sbin/npppd/npppd/privsep.c b/usr.sbin/npppd/npppd/privsep.c index 6736a9779..43ec8a4ce 100644 --- a/usr.sbin/npppd/npppd/privsep.c +++ b/usr.sbin/npppd/npppd/privsep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.c,v 1.25 2024/01/18 09:58:23 claudio Exp $ */ +/* $OpenBSD: privsep.c,v 1.26 2024/08/22 07:56:47 florian Exp $ */ /* * Copyright (c) 2010 Yasuoka Masahiko @@ -708,7 +708,7 @@ privsep_priv_dispatch_imsg(struct imsgbuf *ibuf) } if ((retval = cgetstr(buf, "framed-ip-address", &str)) >= 0) { - if (inet_aton(str, + if (inet_pton(AF_INET, str, &r.framed_ip_address) != 1) goto on_broken_entry; free(str); @@ -717,7 +717,7 @@ privsep_priv_dispatch_imsg(struct imsgbuf *ibuf) if ((retval = cgetstr(buf, "framed-ip-netmask", &str)) >= 0) { - if (inet_aton(str, + if (inet_pton(AF_INET, str, &r.framed_ip_netmask) != 1) goto on_broken_entry; free(str); diff --git a/usr.sbin/ospfd/parse.y b/usr.sbin/ospfd/parse.y index 28523c233..dd74863f7 100644 --- a/usr.sbin/ospfd/parse.y +++ b/usr.sbin/ospfd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.105 2024/08/21 15:16:56 florian Exp $ */ +/* $OpenBSD: parse.y,v 1.106 2024/08/22 08:34:51 tb Exp $ */ /* * Copyright (c) 2004, 2005 Esben Norby @@ -620,7 +620,7 @@ areaid : NUMBER { $$.s_addr = htonl($1); } | STRING { - if (inet_pton(AF_INET, $1, &$$) != 1) { + if (inet_pton(AF_INET, $1, &$$) != 1) { yyerror("error parsing area"); free($1); YYERROR; diff --git a/usr.sbin/pppd/main.c b/usr.sbin/pppd/main.c index cb54143b6..5b2ee5e31 100644 --- a/usr.sbin/pppd/main.c +++ b/usr.sbin/pppd/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.58 2024/08/10 05:32:28 jsg Exp $ */ +/* $OpenBSD: main.c,v 1.59 2024/08/23 00:43:34 millert Exp $ */ /* * main.c - Point-to-Point Protocol main module @@ -108,6 +108,7 @@ int detached; /* have detached from terminal */ int phase; /* where the link is at */ volatile sig_atomic_t kill_link; volatile sig_atomic_t open_ccp_flag; +volatile sig_atomic_t got_sigchld; char **script_env; /* Env. variable values for scripts */ int s_env_nalloc; /* # words avail at script_env */ @@ -115,8 +116,6 @@ int s_env_nalloc; /* # words avail at script_env */ u_char outpacket_buf[PPP_MRU+PPP_HDRLEN]; /* buffer for outgoing packet */ u_char inpacket_buf[PPP_MRU+PPP_HDRLEN]; /* buffer for incoming packet */ -static int n_children; /* # child processes still running */ - static int locked; /* lock() has succeeded */ char *no_ppp_msg = "Sorry - this system lacks PPP kernel support\n"; @@ -964,10 +963,7 @@ term(int sig) static void chld(int sig) { - int save_errno = errno; - - reap_kids(); /* XXX somewhat unsafe */ - errno = save_errno; + got_sigchld = 1; } @@ -1162,7 +1158,6 @@ run_program(char *prog, char **args, int must_exist) _exit(1); } MAINDEBUG((LOG_DEBUG, "Script %s started; pid = %ld", prog, (long)pid)); - ++n_children; return 0; } @@ -1177,18 +1172,29 @@ reap_kids(void) int status; pid_t pid; - if (n_children == 0) + if (!got_sigchld) return; - if ((pid = waitpid(-1, &status, WNOHANG)) == -1) { - if (errno != ECHILD) - syslog(LOG_ERR, "Error waiting for child process: %m"); - return; - } - if (pid > 0) { - --n_children; - if (WIFSIGNALED(status)) { - syslog(LOG_WARNING, "Child process %ld terminated with signal %d", - (long)pid, WTERMSIG(status)); + got_sigchld = 0; + + for (;;) { + pid = waitpid(-1, &status, WNOHANG); + switch (pid) { + case -1: + if (errno == EINTR) + continue; + if (errno != ECHILD) + syslog(LOG_ERR, "Error waiting for child process: %m"); + return; + case 0: + /* No children left */ + return; + default: + if (WIFSIGNALED(status)) { + syslog(LOG_WARNING, + "Child process %d terminated with signal %d", + (int)pid, WTERMSIG(status)); + } + break; } } } diff --git a/usr.sbin/radiusd/radiusd_ipcp.c b/usr.sbin/radiusd/radiusd_ipcp.c index 27cd3c4bd..55c0332f9 100644 --- a/usr.sbin/radiusd/radiusd_ipcp.c +++ b/usr.sbin/radiusd/radiusd_ipcp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: radiusd_ipcp.c,v 1.12 2024/08/16 09:54:21 yasuoka Exp $ */ +/* $OpenBSD: radiusd_ipcp.c,v 1.13 2024/08/23 01:23:50 jsg Exp $ */ /* * Copyright (c) 2024 Internet Initiative Japan Inc. @@ -591,7 +591,7 @@ ipcp_dispatch_control(void *ctx, struct imsg *imsg) imsg->hdr.peerid, 0, -1, NULL, 0); if (imsg->hdr.type == IMSG_RADIUSD_MODULE_IPCP_MONITOR) break; - /* FALLTROUGH */ + /* FALLTHROUGH */ case IMSG_RADIUSD_MODULE_IPCP_DUMP: dumpsiz = MAX_IMSGSIZE; if ((dump = calloc(1, dumpsiz)) == NULL) {