diff --git a/lib/libcrypto/asn1/a_bitstr.c b/lib/libcrypto/asn1/a_bitstr.c index 7ea3e12b9..851a3a3d5 100644 --- a/lib/libcrypto/asn1/a_bitstr.c +++ b/lib/libcrypto/asn1/a_bitstr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_bitstr.c,v 1.41 2023/07/28 10:33:13 tb Exp $ */ +/* $OpenBSD: a_bitstr.c,v 1.42 2023/12/25 22:02:59 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -120,20 +120,24 @@ ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) int w, v, iv; unsigned char *c; - w = n/8; - v = 1 << (7 - (n & 0x07)); - iv = ~v; - if (!value) - v = 0; - if (a == NULL) return 0; + if (n < 0) + return 0; + + w = n / 8; + v = 1 << (7 - (n & 0x07)); + iv = ~v; + + if (value == 0) + v = 0; asn1_abs_clear_unused_bits(a); - if ((a->length < (w + 1)) || (a->data == NULL)) { - if (!value) - return(1); /* Don't need to set */ + if (a->length < w + 1 || a->data == NULL) { + /* Don't expand if there's no bit to set. */ + if (value == 0) + return 1; if ((c = recallocarray(a->data, a->length, w + 1, 1)) == NULL) { ASN1error(ERR_R_MALLOC_FAILURE); return 0; @@ -141,11 +145,12 @@ ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) a->data = c; a->length = w + 1; } + a->data[w] = ((a->data[w]) & iv) | v; - while ((a->length > 0) && (a->data[a->length - 1] == 0)) + while (a->length > 0 && a->data[a->length - 1] == 0) a->length--; - return (1); + return 1; } LCRYPTO_ALIAS(ASN1_BIT_STRING_set_bit); @@ -154,11 +159,18 @@ ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n) { int w, v; + if (a == NULL) + return 0; + if (n < 0) + return 0; + w = n / 8; v = 1 << (7 - (n & 0x07)); - if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL)) - return (0); - return ((a->data[w] & v) != 0); + + if (a->length < w + 1 || a->data == NULL) + return 0; + + return (a->data[w] & v) != 0; } LCRYPTO_ALIAS(ASN1_BIT_STRING_get_bit); diff --git a/lib/libcrypto/evp/digest.c b/lib/libcrypto/evp/digest.c index ee0c68e70..56decc231 100644 --- a/lib/libcrypto/evp/digest.c +++ b/lib/libcrypto/evp/digest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: digest.c,v 1.40 2023/11/29 21:35:57 tb Exp $ */ +/* $OpenBSD: digest.c,v 1.41 2023/12/24 22:17:05 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -200,6 +200,23 @@ EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) return ret; } +int +EVP_Digest(const void *data, size_t count, + unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) +{ + EVP_MD_CTX ctx; + int ret; + + EVP_MD_CTX_init(&ctx); + EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT); + ret = EVP_DigestInit_ex(&ctx, type, NULL) && + EVP_DigestUpdate(&ctx, data, count) && + EVP_DigestFinal_ex(&ctx, md, size); + EVP_MD_CTX_cleanup(&ctx); + + return ret; +} + int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) { @@ -262,23 +279,6 @@ EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) return 1; } -int -EVP_Digest(const void *data, size_t count, - unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) -{ - EVP_MD_CTX ctx; - int ret; - - EVP_MD_CTX_init(&ctx); - EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT); - ret = EVP_DigestInit_ex(&ctx, type, NULL) && - EVP_DigestUpdate(&ctx, data, count) && - EVP_DigestFinal_ex(&ctx, md, size); - EVP_MD_CTX_cleanup(&ctx); - - return ret; -} - EVP_MD_CTX * EVP_MD_CTX_new(void) { diff --git a/lib/libcrypto/evp/p_lib.c b/lib/libcrypto/evp/p_lib.c index 4591c0523..f92684fdd 100644 --- a/lib/libcrypto/evp/p_lib.c +++ b/lib/libcrypto/evp/p_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: p_lib.c,v 1.39 2023/11/29 21:35:57 tb Exp $ */ +/* $OpenBSD: p_lib.c,v 1.50 2023/12/25 22:41:50 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -80,8 +80,6 @@ #include "asn1_local.h" #include "evp_local.h" -static void EVP_PKEY_free_it(EVP_PKEY *x); - int EVP_PKEY_bits(const EVP_PKEY *pkey) { @@ -195,96 +193,125 @@ EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) EVP_PKEY * EVP_PKEY_new(void) { - EVP_PKEY *ret; + EVP_PKEY *pkey; - ret = malloc(sizeof(EVP_PKEY)); - if (ret == NULL) { + if ((pkey = calloc(1, sizeof(*pkey))) == NULL) { EVPerror(ERR_R_MALLOC_FAILURE); - return (NULL); + return NULL; } - ret->type = EVP_PKEY_NONE; - ret->save_type = EVP_PKEY_NONE; - ret->references = 1; - ret->ameth = NULL; - ret->pkey.ptr = NULL; - ret->attributes = NULL; - ret->save_parameters = 1; - return (ret); + + pkey->type = EVP_PKEY_NONE; + pkey->save_type = EVP_PKEY_NONE; + pkey->references = 1; + pkey->save_parameters = 1; + + return pkey; } int EVP_PKEY_up_ref(EVP_PKEY *pkey) { - int refs = CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); - return ((refs > 1) ? 1 : 0); + return CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY) > 1; } -/* Setup a public key ASN1 method from a NID or a string. - * If pkey is NULL just return 1 or 0 if the algorithm exists. - */ - -static int -pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len) +static void +evp_pkey_free_pkey_ptr(EVP_PKEY *pkey) { - const EVP_PKEY_ASN1_METHOD *ameth; + if (pkey == NULL || pkey->ameth == NULL || pkey->ameth->pkey_free == NULL) + return; - if (pkey) { - if (pkey->pkey.ptr) - EVP_PKEY_free_it(pkey); - /* If key type matches and a method exists then this - * lookup has succeeded once so just indicate success. - */ - if ((type == pkey->save_type) && pkey->ameth) - return 1; - } - if (str != NULL) - ameth = EVP_PKEY_asn1_find_str(NULL, str, len); - else - ameth = EVP_PKEY_asn1_find(NULL, type); - if (!ameth) { - EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); - return 0; - } - if (pkey) { - pkey->ameth = ameth; + pkey->ameth->pkey_free(pkey); + pkey->pkey.ptr = NULL; +} - pkey->type = pkey->ameth->pkey_id; - pkey->save_type = type; - } - return 1; +void +EVP_PKEY_free(EVP_PKEY *pkey) +{ + if (pkey == NULL) + return; + + if (CRYPTO_add(&pkey->references, -1, CRYPTO_LOCK_EVP_PKEY) > 0) + return; + + evp_pkey_free_pkey_ptr(pkey); + sk_X509_ATTRIBUTE_pop_free(pkey->attributes, X509_ATTRIBUTE_free); + freezero(pkey, sizeof(*pkey)); } int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) { - return pkey_set_type(pkey, type, NULL, -1); + const EVP_PKEY_ASN1_METHOD *ameth; + + evp_pkey_free_pkey_ptr(pkey); + + if ((ameth = EVP_PKEY_asn1_find(NULL, type)) == NULL) { + EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); + return 0; + } + if (pkey != NULL) { + pkey->ameth = ameth; + pkey->type = pkey->ameth->pkey_id; + pkey->save_type = type; + } + + return 1; +} + +int +EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) +{ + const EVP_PKEY_ASN1_METHOD *ameth; + + evp_pkey_free_pkey_ptr(pkey); + + if ((ameth = EVP_PKEY_asn1_find_str(NULL, str, len)) == NULL) { + EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); + return 0; + } + if (pkey != NULL) { + pkey->ameth = ameth; + pkey->type = pkey->ameth->pkey_id; + pkey->save_type = EVP_PKEY_NONE; + } + + return 1; +} + +int +EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) +{ + if (!EVP_PKEY_set_type(pkey, type)) + return 0; + + return (pkey->pkey.ptr = key) != NULL; } EVP_PKEY * EVP_PKEY_new_raw_private_key(int type, ENGINE *engine, const unsigned char *private_key, size_t len) { - EVP_PKEY *ret; + EVP_PKEY *pkey; - if ((ret = EVP_PKEY_new()) == NULL) + if ((pkey = EVP_PKEY_new()) == NULL) goto err; - if (!pkey_set_type(ret, type, NULL, -1)) + if (!EVP_PKEY_set_type(pkey, type)) goto err; - if (ret->ameth->set_priv_key == NULL) { + if (pkey->ameth->set_priv_key == NULL) { EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); goto err; } - if (!ret->ameth->set_priv_key(ret, private_key, len)) { + if (!pkey->ameth->set_priv_key(pkey, private_key, len)) { EVPerror(EVP_R_KEY_SETUP_FAILED); goto err; } - return ret; + return pkey; err: - EVP_PKEY_free(ret); + EVP_PKEY_free(pkey); return NULL; } @@ -293,27 +320,27 @@ EVP_PKEY * EVP_PKEY_new_raw_public_key(int type, ENGINE *engine, const unsigned char *public_key, size_t len) { - EVP_PKEY *ret; + EVP_PKEY *pkey; - if ((ret = EVP_PKEY_new()) == NULL) + if ((pkey = EVP_PKEY_new()) == NULL) goto err; - if (!pkey_set_type(ret, type, NULL, -1)) + if (!EVP_PKEY_set_type(pkey, type)) goto err; - if (ret->ameth->set_pub_key == NULL) { + if (pkey->ameth->set_pub_key == NULL) { EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); goto err; } - if (!ret->ameth->set_pub_key(ret, public_key, len)) { + if (!pkey->ameth->set_pub_key(pkey, public_key, len)) { EVPerror(EVP_R_KEY_SETUP_FAILED); goto err; } - return ret; + return pkey; err: - EVP_PKEY_free(ret); + EVP_PKEY_free(pkey); return NULL; } @@ -354,15 +381,15 @@ EVP_PKEY * EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, const EVP_CIPHER *cipher) { - EVP_PKEY *ret = NULL; + EVP_PKEY *pkey = NULL; CMAC_CTX *cmctx = NULL; - if ((ret = EVP_PKEY_new()) == NULL) + if ((pkey = EVP_PKEY_new()) == NULL) goto err; if ((cmctx = CMAC_CTX_new()) == NULL) goto err; - if (!pkey_set_type(ret, EVP_PKEY_CMAC, NULL, -1)) + if (!EVP_PKEY_set_type(pkey, EVP_PKEY_CMAC)) goto err; if (!CMAC_Init(cmctx, priv, len, cipher, NULL)) { @@ -370,31 +397,17 @@ EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, goto err; } - ret->pkey.ptr = cmctx; + pkey->pkey.ptr = cmctx; - return ret; + return pkey; err: - EVP_PKEY_free(ret); + EVP_PKEY_free(pkey); CMAC_CTX_free(cmctx); + return NULL; } -int -EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) -{ - return pkey_set_type(pkey, EVP_PKEY_NONE, str, len); -} - -int -EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) -{ - if (!EVP_PKEY_set_type(pkey, type)) - return 0; - pkey->pkey.ptr = key; - return (key != NULL); -} - void * EVP_PKEY_get0(const EVP_PKEY *pkey) { @@ -577,33 +590,6 @@ EVP_PKEY_base_id(const EVP_PKEY *pkey) return EVP_PKEY_type(pkey->type); } -void -EVP_PKEY_free(EVP_PKEY *x) -{ - int i; - - if (x == NULL) - return; - - i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY); - if (i > 0) - return; - - EVP_PKEY_free_it(x); - if (x->attributes) - sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); - free(x); -} - -static void -EVP_PKEY_free_it(EVP_PKEY *x) -{ - if (x->ameth && x->ameth->pkey_free) { - x->ameth->pkey_free(x); - x->pkey.ptr = NULL; - } -} - static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, const char *kstr) { diff --git a/lib/libcrypto/man/CMAC_Init.3 b/lib/libcrypto/man/CMAC_Init.3 index a938c0db6..81cb8b8f0 100644 --- a/lib/libcrypto/man/CMAC_Init.3 +++ b/lib/libcrypto/man/CMAC_Init.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: CMAC_Init.3,v 1.4 2020/08/06 22:17:49 schwarze Exp $ +.\" $OpenBSD: CMAC_Init.3,v 1.5 2023/12/25 15:52:18 schwarze Exp $ .\" .\" Copyright (c) 2020 Ingo Schwarze .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: August 6 2020 $ +.Dd $Mdocdate: December 25 2023 $ .Dt CMAC_INIT 3 .Os .Sh NAME @@ -38,7 +38,7 @@ .Fa "const void *key" .Fa "size_t key_len" .Fa "const EVP_CIPHER *cipher" -.Fa "ENGINE *impl" +.Fa "ENGINE *engine" .Fc .Ft int .Fo CMAC_Update @@ -127,22 +127,21 @@ and initializes .Fa ctx for subsequently feeding in data with .Fn CMAC_Update . -To use the default cipher implementations provided by the library, pass +The +.Fa engine +argument is ignored; passing .Dv NULL -as the -.Fa impl -argument. +is recommended. .Pp If .Fa ctx is already initialized, .Fn CMAC_Init can be called again with -.Fa key , -.Fa cipher , +.Fa key and -.Fa impl -all set to +.Fa cipher +both set to .Dv NULL and .Fa key_len diff --git a/lib/libcrypto/x509/by_dir.c b/lib/libcrypto/x509/by_dir.c index 9fa6a1004..88c06513a 100644 --- a/lib/libcrypto/x509/by_dir.c +++ b/lib/libcrypto/x509/by_dir.c @@ -1,4 +1,4 @@ -/* $OpenBSD: by_dir.c,v 1.44 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: by_dir.c,v 1.45 2023/12/25 22:14:23 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -103,13 +103,8 @@ static X509_LOOKUP_METHOD x509_dir_lookup = { .name = "Load certs from files in a directory", .new_item = new_dir, .free = free_dir, - .init = NULL, - .shutdown = NULL, .ctrl = dir_ctrl, .get_by_subject = get_cert_by_subject, - .get_by_issuer_serial = NULL, - .get_by_fingerprint = NULL, - .get_by_alias = NULL, }; X509_LOOKUP_METHOD * diff --git a/lib/libcrypto/x509/by_file.c b/lib/libcrypto/x509/by_file.c index fc2d72bbd..bfab3761d 100644 --- a/lib/libcrypto/x509/by_file.c +++ b/lib/libcrypto/x509/by_file.c @@ -1,4 +1,4 @@ -/* $OpenBSD: by_file.c,v 1.29 2023/11/30 17:01:04 beck Exp $ */ +/* $OpenBSD: by_file.c,v 1.30 2023/12/25 22:14:23 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -75,13 +75,8 @@ static X509_LOOKUP_METHOD x509_file_lookup = { .name = "Load file into cache", .new_item = NULL, .free = NULL, - .init = NULL, - .shutdown = NULL, .ctrl = by_file_ctrl, .get_by_subject = NULL, - .get_by_issuer_serial = NULL, - .get_by_fingerprint = NULL, - .get_by_alias = NULL, }; X509_LOOKUP_METHOD * diff --git a/lib/libcrypto/x509/by_mem.c b/lib/libcrypto/x509/by_mem.c index 579eecd36..ac3a24dea 100644 --- a/lib/libcrypto/x509/by_mem.c +++ b/lib/libcrypto/x509/by_mem.c @@ -1,4 +1,4 @@ -/* $OpenBSD: by_mem.c,v 1.8 2023/02/16 08:38:17 tb Exp $ */ +/* $OpenBSD: by_mem.c,v 1.9 2023/12/25 22:14:23 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -76,13 +76,8 @@ static X509_LOOKUP_METHOD x509_mem_lookup = { .name = "Load cert from memory", .new_item = NULL, .free = NULL, - .init = NULL, - .shutdown = NULL, .ctrl = by_mem_ctrl, .get_by_subject = NULL, - .get_by_issuer_serial = NULL, - .get_by_fingerprint = NULL, - .get_by_alias = NULL, }; X509_LOOKUP_METHOD * diff --git a/lib/libcrypto/x509/x509_local.h b/lib/libcrypto/x509/x509_local.h index 0312e6cac..d4197e66c 100644 --- a/lib/libcrypto/x509/x509_local.h +++ b/lib/libcrypto/x509/x509_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_local.h,v 1.14 2023/12/22 13:31:35 tb Exp $ */ +/* $OpenBSD: x509_local.h,v 1.15 2023/12/25 22:14:23 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2013. */ @@ -248,18 +248,10 @@ struct x509_lookup_method_st { const char *name; int (*new_item)(X509_LOOKUP *ctx); void (*free)(X509_LOOKUP *ctx); - int (*init)(X509_LOOKUP *ctx); - int (*shutdown)(X509_LOOKUP *ctx); int (*ctrl)(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); int (*get_by_subject)(X509_LOOKUP *ctx, int type, X509_NAME *name, X509_OBJECT *ret); - int (*get_by_issuer_serial)(X509_LOOKUP *ctx, int type, X509_NAME *name, - ASN1_INTEGER *serial,X509_OBJECT *ret); - int (*get_by_fingerprint)(X509_LOOKUP *ctx, int type, - const unsigned char *bytes, int len, X509_OBJECT *ret); - int (*get_by_alias)(X509_LOOKUP *ctx, int type, const char *str, - int len, X509_OBJECT *ret); } /* X509_LOOKUP_METHOD */; struct X509_VERIFY_PARAM_st { diff --git a/lib/libcrypto/x509/x509_lu.c b/lib/libcrypto/x509/x509_lu.c index 05730f56c..5a8fe9636 100644 --- a/lib/libcrypto/x509/x509_lu.c +++ b/lib/libcrypto/x509/x509_lu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_lu.c,v 1.60 2023/04/25 18:32:42 tb Exp $ */ +/* $OpenBSD: x509_lu.c,v 1.61 2023/12/25 22:14:23 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -102,9 +102,8 @@ X509_LOOKUP_init(X509_LOOKUP *ctx) { if (ctx->method == NULL) return 0; - if (ctx->method->init == NULL) - return 1; - return ctx->method->init(ctx); + /* Historical behavior: make init succeed even without method. */ + return 1; } LCRYPTO_ALIAS(X509_LOOKUP_init); @@ -113,9 +112,8 @@ X509_LOOKUP_shutdown(X509_LOOKUP *ctx) { if (ctx->method == NULL) return 0; - if (ctx->method->shutdown == NULL) - return 1; - return ctx->method->shutdown(ctx); + /* Historical behavior: make shutdown succeed even without method. */ + return 1; } LCRYPTO_ALIAS(X509_LOOKUP_shutdown); @@ -145,9 +143,7 @@ int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, X509_NAME *name, ASN1_INTEGER *serial, X509_OBJECT *ret) { - if (ctx->method == NULL || ctx->method->get_by_issuer_serial == NULL) - return 0; - return ctx->method->get_by_issuer_serial(ctx, type, name, serial, ret); + return 0; } LCRYPTO_ALIAS(X509_LOOKUP_by_issuer_serial); @@ -155,9 +151,7 @@ int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const unsigned char *bytes, int len, X509_OBJECT *ret) { - if (ctx->method == NULL || ctx->method->get_by_fingerprint == NULL) - return 0; - return ctx->method->get_by_fingerprint(ctx, type, bytes, len, ret); + return 0; } LCRYPTO_ALIAS(X509_LOOKUP_by_fingerprint); @@ -165,9 +159,7 @@ int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const char *str, int len, X509_OBJECT *ret) { - if (ctx->method == NULL || ctx->method->get_by_alias == NULL) - return 0; - return ctx->method->get_by_alias(ctx, type, str, len, ret); + return 0; } LCRYPTO_ALIAS(X509_LOOKUP_by_alias); diff --git a/share/man/man8/release.8 b/share/man/man8/release.8 index e85aae1f4..8c925c967 100644 --- a/share/man/man8/release.8 +++ b/share/man/man8/release.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: release.8,v 1.96 2020/08/20 06:45:48 tb Exp $ +.\" $OpenBSD: release.8,v 1.98 2023/12/25 10:01:18 jca Exp $ .\" .\" Copyright (c) 2000 Marco S. Hyman .\" Copyright (c) 2016 Theo Buehler @@ -10,7 +10,7 @@ .\" LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS .\" FOR A PARTICULAR PURPOSE. .\" -.Dd $Mdocdate: August 20 2020 $ +.Dd $Mdocdate: December 25 2023 $ .Dt RELEASE 8 .Os .Sh NAME @@ -33,9 +33,9 @@ Build and install Xenocara. .It Make and validate the Xenocara release. .It -Make the third party packages. -.It Create boot and installation disk images. +.It +Make the third party packages. .El .Pp This manual describes the steps for the @@ -251,18 +251,13 @@ At this point, .Ox base system and X Window System tarballs are in .Va RELEASEDIR . -.Ss 7. Make the third party packages -The ports subsystem of contributed applications is capable of producing -packages for installation, either individually or in bulk. -This is described in -.Xr ports 7 . -.Ss 8. Create boot and installation disk images +.Ss 7. Create boot and installation disk images The disk images .No install${ Ns Va VERSION Ns }.img and .No install${ Ns Va VERSION Ns }.iso are suitable for installs without network connectivity. -They contain the tarballs and ports built in the previous steps. +They contain the tarballs built in the previous steps. .Bd -literal -offset indent # export RELDIR=your-releasedir RELXDIR=your-xenocara-releasedir # cd /usr/src/distrib/$(machine)/iso && make @@ -271,12 +266,14 @@ They contain the tarballs and ports built in the previous steps. .Pp The two installer images are now stored in the local release directory. +.Ss 8. Make the third party packages +The ports subsystem of contributed applications is capable of producing +packages for installation, either individually or in bulk. +This is described in +.Xr ports 7 . .Sh SEE ALSO .Xr cvs 1 , .Xr pkg_add 1 , .Xr mk.conf 5 , .Xr ports 7 , .Xr sysmerge 8 -.Sh HISTORY -This document first appeared in -.Ox 2.8 . diff --git a/usr.sbin/dev_mkdb/dev_mkdb.c b/usr.sbin/dev_mkdb/dev_mkdb.c index c88418f82..d4afa3870 100644 --- a/usr.sbin/dev_mkdb/dev_mkdb.c +++ b/usr.sbin/dev_mkdb/dev_mkdb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dev_mkdb.c,v 1.19 2022/12/04 23:50:50 cheloha Exp $ */ +/* $OpenBSD: dev_mkdb.c,v 1.20 2023/12/24 06:35:05 gnezdo Exp $ */ /*- * Copyright (c) 1990, 1993 @@ -32,10 +32,10 @@ #include #include -#include #include #include #include +#include #include #include #include @@ -47,9 +47,9 @@ void usage(void); int main(int argc, char *argv[]) { - DIR *dirp; - struct dirent *dp; - struct stat sb; + FTS *fts; + FTSENT *dp; + char *paths[] = { ".", NULL }; struct { mode_t type; dev_t dev; @@ -58,7 +58,6 @@ main(int argc, char *argv[]) DBT data, key; HASHINFO info; int ch; - u_char buf[MAXNAMLEN + 1]; char dbtmp[PATH_MAX], dbname[PATH_MAX]; (void)snprintf(dbtmp, sizeof(dbtmp), "%sdev.tmp", _PATH_VARRUN); @@ -87,7 +86,10 @@ main(int argc, char *argv[]) if (chdir(_PATH_DEV)) err(1, "%s", _PATH_DEV); - dirp = opendir("."); + fts = fts_open(paths, FTS_PHYSICAL | FTS_NOCHDIR, NULL); + if (!fts) + err(1, "fts_open"); + bzero(&info, sizeof(info)); info.bsize = 8192; @@ -105,35 +107,31 @@ main(int argc, char *argv[]) bzero(&bkey, sizeof(bkey)); key.data = &bkey; key.size = sizeof(bkey); - data.data = buf; - while ((dp = readdir(dirp))) { - if (strcmp(dp->d_name, "..") == 0) + while ((dp = fts_read(fts))) { + if (dp->fts_info != FTS_DEFAULT) continue; - if (lstat(dp->d_name, &sb)) { - warn("%s", dp->d_name); - continue; - } - /* Create the key. */ - if (S_ISCHR(sb.st_mode)) + if (S_ISCHR(dp->fts_statp->st_mode)) bkey.type = S_IFCHR; - else if (S_ISBLK(sb.st_mode)) + else if (S_ISBLK(dp->fts_statp->st_mode)) bkey.type = S_IFBLK; else continue; - bkey.dev = sb.st_rdev; + bkey.dev = dp->fts_statp->st_rdev; /* * Create the data; nul terminate the name so caller doesn't - * have to. + * have to. strlen("./") is 2, which is stripped to remove the + * traversal root name. */ - bcopy(dp->d_name, buf, dp->d_namlen); - buf[dp->d_namlen] = '\0'; - data.size = dp->d_namlen + 1; + data.data = dp->fts_path + 2; + data.size = dp->fts_pathlen - 2 + 1; if ((db->put)(db, &key, &data, 0)) err(1, "dbput %s", dbtmp); } + fts_close(fts); + (void)(db->close)(db); if (rename(dbtmp, dbname)) err(1, "rename %s to %s", dbtmp, dbname); diff --git a/usr.sbin/rpki-client/rrdp_delta.c b/usr.sbin/rpki-client/rrdp_delta.c index d8b12ae6d..1e73f746c 100644 --- a/usr.sbin/rpki-client/rrdp_delta.c +++ b/usr.sbin/rpki-client/rrdp_delta.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rrdp_delta.c,v 1.9 2023/01/04 14:22:43 claudio Exp $ */ +/* $OpenBSD: rrdp_delta.c,v 1.10 2023/12/24 10:48:58 job Exp $ */ /* * Copyright (c) 2020 Nils Fisher * Copyright (c) 2021 Claudio Jeker @@ -47,13 +47,6 @@ struct delta_xml { enum delta_scope scope; }; -enum validate_return { - VALIDATE_RETURN_NO_FILE, - VALIDATE_RETURN_FILE_DEL, - VALIDATE_RETURN_HASH_MISMATCH, - VALIDATE_RETURN_HASH_MATCH -}; - static void start_delta_elem(struct delta_xml *dxml, const char **attr) {