sync with OpenBSD -current

bin/ksh/ksh.1

@@ -1,8 +1,8 @@
-.\"	$OpenBSD: ksh.1,v 1.220 2023/10/20 18:51:09 schwarze Exp $
+.\"	$OpenBSD: ksh.1,v 1.221 2024/09/25 06:13:01 jmc Exp $
 .\"
 .\"	Public Domain
 .\"
-.Dd $Mdocdate: October 20 2023 $
+.Dd $Mdocdate: September 25 2024 $
 .Dt KSH 1
 .Os
 .Sh NAME
@@ -1800,10 +1800,8 @@ command may be used to list, change, and add to this cache (e.g.\&
 Brace expressions take the following form:
 .Bd -unfilled -offset indent
 .Sm off
-.Xo
 .Ar prefix No { Ar str1 No ,...,
 .Ar strN No } Ar suffix
-.Xc
 .Sm on
 .Ed
 .Pp

bin/ksh/shf.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: shf.c,v 1.34 2019/06/28 13:34:59 deraadt Exp $	*/
+/*	$OpenBSD: shf.c,v 1.35 2024/09/23 21:18:33 deraadt Exp $	*/
 
 /*
  *  Shell file I/O routines
@@ -450,6 +450,10 @@ shf_read(char *buf, int bsize, struct shf *shf)
 		ncopy = shf->rnleft;
 		if (ncopy > bsize)
 			ncopy = bsize;
+		if (memchr((char *)shf->rp, '\0', ncopy) != NULL) {
+			errorf("syntax error: NUL byte unexpected");
+			return EOF;
+		}
 		memcpy(buf, shf->rp, ncopy);
 		buf += ncopy;
 		bsize -= ncopy;
@@ -493,6 +497,10 @@ shf_getse(char *buf, int bsize, struct shf *shf)
 		ncopy = end ? end - shf->rp + 1 : shf->rnleft;
 		if (ncopy > bsize)
 			ncopy = bsize;
+		if (memchr((char *)shf->rp, '\0', ncopy) != NULL) {
+			errorf("syntax error: NUL byte unexpected");
+			return NULL;
+		}
 		memcpy(buf, (char *) shf->rp, ncopy);
 		shf->rp += ncopy;
 		shf->rnleft -= ncopy;

etc/rc.d/iked

@@ -1,6 +1,6 @@
 #!/bin/ksh
 #
-# $OpenBSD: iked,v 1.10 2022/09/04 06:57:13 ajacoutot Exp $
+# $OpenBSD: iked,v 1.11 2024/09/23 20:54:01 kn Exp $
 
 daemon="/sbin/iked"
 
@@ -12,10 +12,11 @@ rc_configtest() {
 	# use rc_exec here since daemon_flags may contain arguments with spaces
 	rc_exec "${daemon} -n ${daemon_flags}"
 }
+
 rc_pre() {
-	[[ ${sasyncd_flags} != NO ]] &&
+	if [[ ${sasyncd_flags} != NO ]]; then
 		daemon_flags="-S ${daemon_flags}"
-	return 0
+	fi
 }
 
 rc_cmd $1

etc/rc.d/isakmpd

@@ -1,6 +1,6 @@
 #!/bin/ksh
 #
-# $OpenBSD: isakmpd,v 1.3 2018/01/11 21:09:26 rpe Exp $
+# $OpenBSD: isakmpd,v 1.4 2024/09/23 20:54:01 kn Exp $
 
 daemon="/sbin/isakmpd"
 
@@ -9,9 +9,9 @@ daemon="/sbin/isakmpd"
 pexp="isakmpd: monitor \[priv\]"
 
 rc_pre() {
-	[[ ${sasyncd_flags} != NO ]] &&
+	if [[ ${sasyncd_flags} != NO ]]; then
 		daemon_flags="-S ${daemon_flags}"
-	return 0
+	fi
 }
 
 rc_cmd $1

etc/rc.d/unbound

@@ -1,6 +1,6 @@
 #!/bin/ksh
 #
-# $OpenBSD: unbound,v 1.7 2022/05/21 10:10:45 ajacoutot Exp $
+# $OpenBSD: unbound,v 1.8 2024/09/23 20:44:24 kn Exp $
 
 daemon="/usr/sbin/unbound"
 daemon_flags="-c /var/unbound/etc/unbound.conf"
@@ -12,7 +12,8 @@ rc_pre() {
             /var/unbound/etc/unbound.conf > /dev/null 2>&1; then
 		/usr/sbin/unbound-anchor -v
 	fi
-	/usr/sbin/unbound-checkconf || return 1
+
+	/usr/sbin/unbound-checkconf
 }
 
 rc_cmd $1

lib/libpcap/scanner.l

@@ -1,5 +1,5 @@
 %{
-/*	$OpenBSD: scanner.l,v 1.32 2024/08/29 07:33:50 anton Exp $	*/
+/*	$OpenBSD: scanner.l,v 1.33 2024/09/24 14:20:31 sthen Exp $	*/
 
 /*
  * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
@@ -26,7 +26,6 @@
 #include <sys/time.h>
 
 #include <ctype.h>
-#include <limits.h>
 #include <string.h>
 #include <unistd.h>
 #include <vis.h>
@@ -48,6 +47,7 @@
 #include "grammar.h"
 
 static int stoi(char *);
+static inline int xdtoi(int);
 
 #ifdef FLEX_SCANNER
 #define YY_NO_UNPUT
@@ -333,23 +333,41 @@ yywrap(void)
 	return 1;
 }
 
+/* Hex digit to integer. */
+static inline int
+xdtoi(int c)
+{
+	if (isdigit(c))
+		return c - '0';
+	else if (islower(c))
+		return c - 'a' + 10;
+	else
+		return c - 'A' + 10;
+}
+
 /*
- * Convert string to integer supporting also octal and hex notations.
+ * Convert string to integer.  Just like atoi(), but checks for
+ * preceding 0x or 0 and uses hex or octal instead of decimal.
  */
 static int
 stoi(char *s)
 {
-	long lval;
+	int base = 10;
-	char *ep;
+	int n = 0;
 
-	errno = 0;
+	if (*s == '0') {
-	lval = strtol(s, &ep, 0);
+		if (s[1] == 'x' || s[1] == 'X') {
-	if (*s == '\0' || *ep != '\0')
+			s += 2;
-		bpf_error("invalid number %s", s);
+			base = 16;
-	if ((errno == ERANGE && (lval == LONG_MAX || lval == LONG_MIN)) ||
+		}
-	    (lval > INT_MAX || lval < INT_MIN))
+		else {
-		bpf_error("out of range: %s", s);
+			base = 8;
+			s += 1;
+		}
+	}
+	while (*s)
+		n = n * base + xdtoi(*s++);
 
-	return lval;
+	return n;
 }
 

regress/usr.sbin/bgpd/integrationtests/Makefile

@@ -1,8 +1,8 @@
-# $OpenBSD: Makefile,v 1.24 2024/04/09 09:35:57 claudio Exp $
+# $OpenBSD: Makefile,v 1.25 2024/09/25 14:42:39 claudio Exp $
 
 REGRESS_TARGETS	= 	network_statement md5 ovs capa policy pftable \
-			mrt maxprefix maxprefixout maxcomm l3vpn \
+			mrt maxprefix maxprefixout maxcomm maxattr \
-			ixp lladdr \
+			l3vpn ixp lladdr \
 			as0 med eval_all attr
 
 BGPD ?=			/usr/sbin/bgpd
@@ -42,6 +42,9 @@ maxprefixout:
 maxcomm:
 	${SUDO} ksh ${.CURDIR}/$@.sh ${BGPD} ${.CURDIR} 11 12 pair11 pair12
 
+maxattr:
+	${SUDO} ksh ${.CURDIR}/$@.sh ${BGPD} ${.CURDIR} 11 12 pair11 pair12
+
 l3vpn:
 	${SUDO} ksh ${.CURDIR}/$@.sh ${BGPD} ${.CURDIR} 11 12 pair11 pair12 13 14
 

regress/usr.sbin/bgpd/integrationtests/bgpd.maxattr.rdomain1.conf

@@ -0,0 +1,35 @@
+AS 4200000001
+router-id 10.12.57.1
+fib-update no
+
+log updates
+
+group rdomain2_1 {
+	descr		"RDOMAIN2_1"
+	remote-as	4200000002
+
+	neighbor 10.12.57.2
+	neighbor 2001:db8:57::2
+}
+group rdomain2_2 {
+	descr		"RDOMAIN2_2"
+	remote-as	4200000003
+
+	neighbor 10.12.57.3
+	neighbor 2001:db8:57::3
+}
+
+match from any community 42:1 set prepend-self 1
+match from any community 42:2 set prepend-self 10
+match from any community 42:3 set { community 42:43 }
+match from any community 42:4 set {
+	community 42:43
+	community 42:10
+	community 42:11
+	community 42:12
+	large-community 42:42:42
+	large-community 42:42:43
+}
+
+allow from any
+allow to any

regress/usr.sbin/bgpd/integrationtests/bgpd.maxattr.rdomain2_1.conf

@@ -0,0 +1,393 @@
+AS 4200000002
+router-id 10.12.57.2
+fib-update no
+
+log updates
+
+listen on 10.12.57.2
+listen on 2001:db8:57::2
+
+group rdomain1 {
+	descr		"RDOMAIN1"
+	remote-as	4200000001
+	local-address	10.12.57.2
+	local-address	2001:db8:57::2
+
+	neighbor 10.12.57.1
+	neighbor 2001:db8:57::1
+}
+
+match to any community 0:1 set {
+	community 0:10
+	community 0:11
+	community 0:12
+	community 0:13
+	community 0:14
+	community 0:15
+	community 0:16
+	community 0:17
+}
+
+match to any community 0:2 set {
+	community 0:10
+	community 0:11
+	community 0:12
+	community 0:13
+	community 0:14
+	community 0:15
+	community 0:16
+	community 0:20
+	community 0:21
+}
+match to any community 0:10 set {
+	large-community local-as:0:1
+	large-community local-as:0:2
+	large-community local-as:0:3
+	large-community local-as:0:4
+	large-community local-as:0:5
+	large-community local-as:0:6
+	large-community local-as:0:7
+	large-community local-as:0:8
+	large-community local-as:0:9
+	large-community local-as:0:10
+	large-community local-as:0:11
+	large-community local-as:0:12
+	large-community local-as:0:13
+	large-community local-as:0:14
+	large-community local-as:0:15
+	large-community local-as:0:16
+	large-community local-as:0:17
+	large-community local-as:0:18
+	large-community local-as:0:19
+	large-community local-as:0:20
+	large-community local-as:0:21
+	large-community local-as:0:22
+	large-community local-as:0:23
+	large-community local-as:0:24
+	large-community local-as:0:25
+	large-community local-as:0:26
+	large-community local-as:0:27
+	large-community local-as:0:28
+	large-community local-as:0:29
+	large-community local-as:0:30
+	large-community local-as:0:31
+	large-community local-as:0:32
+	large-community local-as:0:33
+	large-community local-as:0:34
+	large-community local-as:0:35
+	large-community local-as:0:36
+	large-community local-as:0:37
+	large-community local-as:0:38
+	large-community local-as:0:39
+	large-community local-as:0:40
+	large-community local-as:0:41
+	large-community local-as:0:42
+	large-community local-as:0:43
+	large-community local-as:0:44
+	large-community local-as:0:45
+	large-community local-as:0:46
+	large-community local-as:0:47
+	large-community local-as:0:48
+	large-community local-as:0:49
+	large-community local-as:0:50
+}
+match to any community 0:11 set {
+	large-community local-as:1:1
+	large-community local-as:1:2
+	large-community local-as:1:3
+	large-community local-as:1:4
+	large-community local-as:1:5
+	large-community local-as:1:6
+	large-community local-as:1:7
+	large-community local-as:1:8
+	large-community local-as:1:9
+	large-community local-as:1:10
+	large-community local-as:1:11
+	large-community local-as:1:12
+	large-community local-as:1:13
+	large-community local-as:1:14
+	large-community local-as:1:15
+	large-community local-as:1:16
+	large-community local-as:1:17
+	large-community local-as:1:18
+	large-community local-as:1:19
+	large-community local-as:1:20
+	large-community local-as:1:21
+	large-community local-as:1:22
+	large-community local-as:1:23
+	large-community local-as:1:24
+	large-community local-as:1:25
+	large-community local-as:1:26
+	large-community local-as:1:27
+	large-community local-as:1:28
+	large-community local-as:1:29
+	large-community local-as:1:30
+	large-community local-as:1:31
+	large-community local-as:1:32
+	large-community local-as:1:33
+	large-community local-as:1:34
+	large-community local-as:1:35
+	large-community local-as:1:36
+	large-community local-as:1:37
+	large-community local-as:1:38
+	large-community local-as:1:39
+	large-community local-as:1:40
+	large-community local-as:1:41
+	large-community local-as:1:42
+	large-community local-as:1:43
+	large-community local-as:1:44
+	large-community local-as:1:45
+	large-community local-as:1:46
+	large-community local-as:1:47
+	large-community local-as:1:48
+	large-community local-as:1:49
+	large-community local-as:1:50
+}
+match to any community 0:12 set {
+	large-community local-as:2:1
+	large-community local-as:2:2
+	large-community local-as:2:3
+	large-community local-as:2:4
+	large-community local-as:2:5
+	large-community local-as:2:6
+	large-community local-as:2:7
+	large-community local-as:2:8
+	large-community local-as:2:9
+	large-community local-as:2:10
+	large-community local-as:2:11
+	large-community local-as:2:12
+	large-community local-as:2:13
+	large-community local-as:2:14
+	large-community local-as:2:15
+	large-community local-as:2:16
+	large-community local-as:2:17
+	large-community local-as:2:18
+	large-community local-as:2:19
+	large-community local-as:2:20
+	large-community local-as:2:21
+	large-community local-as:2:22
+	large-community local-as:2:23
+	large-community local-as:2:24
+	large-community local-as:2:25
+	large-community local-as:2:26
+	large-community local-as:2:27
+	large-community local-as:2:28
+	large-community local-as:2:29
+	large-community local-as:2:30
+	large-community local-as:2:31
+	large-community local-as:2:32
+	large-community local-as:2:33
+	large-community local-as:2:34
+	large-community local-as:2:35
+	large-community local-as:2:36
+	large-community local-as:2:37
+	large-community local-as:2:38
+	large-community local-as:2:39
+	large-community local-as:2:40
+	large-community local-as:2:41
+	large-community local-as:2:42
+	large-community local-as:2:43
+	large-community local-as:2:44
+	large-community local-as:2:45
+	large-community local-as:2:46
+	large-community local-as:2:47
+	large-community local-as:2:48
+	large-community local-as:2:49
+	large-community local-as:2:50
+}
+match to any community 0:13 set {
+	large-community local-as:3:1
+	large-community local-as:3:2
+	large-community local-as:3:3
+	large-community local-as:3:4
+	large-community local-as:3:5
+	large-community local-as:3:6
+	large-community local-as:3:7
+	large-community local-as:3:8
+	large-community local-as:3:9
+	large-community local-as:3:10
+	large-community local-as:3:11
+	large-community local-as:3:12
+	large-community local-as:3:13
+	large-community local-as:3:14
+	large-community local-as:3:15
+	large-community local-as:3:16
+	large-community local-as:3:17
+	large-community local-as:3:18
+	large-community local-as:3:19
+	large-community local-as:3:20
+	large-community local-as:3:21
+	large-community local-as:3:22
+	large-community local-as:3:23
+	large-community local-as:3:24
+	large-community local-as:3:25
+	large-community local-as:3:26
+	large-community local-as:3:27
+	large-community local-as:3:28
+	large-community local-as:3:29
+	large-community local-as:3:30
+	large-community local-as:3:31
+	large-community local-as:3:32
+	large-community local-as:3:33
+	large-community local-as:3:34
+	large-community local-as:3:35
+	large-community local-as:3:36
+	large-community local-as:3:37
+	large-community local-as:3:38
+	large-community local-as:3:39
+	large-community local-as:3:40
+	large-community local-as:3:41
+	large-community local-as:3:42
+	large-community local-as:3:43
+	large-community local-as:3:44
+	large-community local-as:3:45
+	large-community local-as:3:46
+	large-community local-as:3:47
+	large-community local-as:3:48
+	large-community local-as:3:49
+	large-community local-as:3:50
+}
+match to any community 0:14 set {
+	large-community local-as:4:1
+	large-community local-as:4:2
+	large-community local-as:4:3
+	large-community local-as:4:4
+	large-community local-as:4:5
+	large-community local-as:4:6
+	large-community local-as:4:7
+	large-community local-as:4:8
+	large-community local-as:4:9
+	large-community local-as:4:10
+	large-community local-as:4:11
+	large-community local-as:4:12
+	large-community local-as:4:13
+	large-community local-as:4:14
+	large-community local-as:4:15
+	large-community local-as:4:16
+	large-community local-as:4:17
+	large-community local-as:4:18
+	large-community local-as:4:19
+	large-community local-as:4:20
+	large-community local-as:4:21
+	large-community local-as:4:22
+	large-community local-as:4:23
+	large-community local-as:4:24
+	large-community local-as:4:25
+	large-community local-as:4:26
+	large-community local-as:4:27
+	large-community local-as:4:28
+	large-community local-as:4:29
+	large-community local-as:4:30
+	large-community local-as:4:31
+	large-community local-as:4:32
+	large-community local-as:4:33
+	large-community local-as:4:34
+	large-community local-as:4:35
+	large-community local-as:4:36
+	large-community local-as:4:37
+	large-community local-as:4:38
+	large-community local-as:4:39
+	large-community local-as:4:40
+	large-community local-as:4:41
+	large-community local-as:4:42
+	large-community local-as:4:43
+	large-community local-as:4:44
+	large-community local-as:4:45
+	large-community local-as:4:46
+	large-community local-as:4:47
+	large-community local-as:4:48
+	large-community local-as:4:49
+	large-community local-as:4:50
+}
+match to any community 0:15 set {
+	large-community local-as:5:1
+	large-community local-as:5:2
+	large-community local-as:5:3
+	large-community local-as:5:4
+	large-community local-as:5:5
+	large-community local-as:5:6
+	large-community local-as:5:7
+	large-community local-as:5:8
+	large-community local-as:5:9
+	large-community local-as:5:10
+	large-community local-as:5:11
+	large-community local-as:5:12
+	large-community local-as:5:13
+	large-community local-as:5:14
+	large-community local-as:5:15
+	large-community local-as:5:16
+	large-community local-as:5:17
+	large-community local-as:5:18
+	large-community local-as:5:19
+	large-community local-as:5:20
+	large-community local-as:5:21
+	large-community local-as:5:22
+	large-community local-as:5:23
+	large-community local-as:5:24
+	large-community local-as:5:25
+	large-community local-as:5:26
+	large-community local-as:5:27
+	large-community local-as:5:28
+	large-community local-as:5:29
+	large-community local-as:5:30
+	large-community local-as:5:31
+	large-community local-as:5:32
+	large-community local-as:5:33
+	large-community local-as:5:34
+	large-community local-as:5:35
+	large-community local-as:5:36
+	large-community local-as:5:37
+	large-community local-as:5:38
+	large-community local-as:5:39
+	large-community local-as:5:40
+	large-community local-as:5:41
+	large-community local-as:5:42
+	large-community local-as:5:43
+	large-community local-as:5:44
+	large-community local-as:5:45
+	large-community local-as:5:46
+	large-community local-as:5:47
+	large-community local-as:5:48
+	large-community local-as:5:49
+	large-community local-as:5:50
+}
+match to any community 0:16 set {
+	large-community local-as:6:1
+	large-community local-as:6:2
+	large-community local-as:6:3
+	large-community local-as:6:4
+	large-community local-as:6:5
+	large-community local-as:6:6
+	large-community local-as:6:7
+	large-community local-as:6:8
+	large-community local-as:6:9
+	large-community local-as:6:10
+	large-community local-as:6:11
+	large-community local-as:6:12
+	large-community local-as:6:13
+	large-community local-as:6:14
+	large-community local-as:6:15
+	large-community local-as:6:16
+	large-community local-as:6:17
+	large-community local-as:6:18
+	large-community local-as:6:19
+	large-community local-as:6:20
+	large-community local-as:6:21
+	large-community local-as:6:22
+	large-community local-as:6:23
+	large-community local-as:6:24
+	large-community local-as:6:25
+	large-community local-as:6:26
+	large-community local-as:6:27
+	large-community local-as:6:28
+	large-community local-as:6:29
+	large-community local-as:6:30
+	large-community local-as:6:31
+}
+match to any community 0:17 set {
+	large-community local-as:7:1
+	large-community local-as:7:2
+}
+
+allow from any
+allow to any

regress/usr.sbin/bgpd/integrationtests/bgpd.maxattr.rdomain2_2.conf

@@ -0,0 +1,23 @@
+AS 4200000003
+router-id 10.12.57.3
+fib-update no
+
+log updates
+
+listen on 10.12.57.3
+listen on 2001:db8:57::3
+
+socket "/var/run/bgpd.sock.12_2"
+
+group rdomain1 {
+	descr		"RDOMAIN1"
+	remote-as	4200000001
+	local-address	10.12.57.3
+	local-address	2001:db8:57::3
+
+	neighbor 10.12.57.1
+	neighbor 2001:db8:57::1
+}
+
+allow from any
+allow to any

regress/usr.sbin/bgpd/integrationtests/maxattr.sh

@@ -0,0 +1,131 @@
+#!/bin/ksh
+#	$OpenBSD: maxattr.sh,v 1.2 2024/09/25 15:38:39 claudio Exp $
+
+set -e
+
+BGPD=$1
+BGPDCONFIGDIR=$2
+RDOMAIN1=$3
+RDOMAIN2=$4
+PAIR1=$5
+PAIR2=$6
+
+RDOMAINS="${RDOMAIN1} ${RDOMAIN2}"
+PAIRS="${PAIR1} ${PAIR2}"
+PAIR1IP=10.12.57.1
+PAIR2IP=10.12.57.2
+PAIR2IP_2=10.12.57.3
+PAIR1IP6=2001:db8:57::1
+PAIR2IP6=2001:db8:57::2
+PAIR2IP6_2=2001:db8:57::3
+
+error_notify() {
+	echo cleanup
+	pfctl -q -t bgpd_integ_test -T kill
+	pkill -T ${RDOMAIN1} bgpd || true
+	pkill -T ${RDOMAIN2} bgpd || true
+	sleep 1
+	ifconfig ${PAIR2} destroy || true
+	ifconfig ${PAIR1} destroy || true
+	route -qn -T ${RDOMAIN1} flush || true
+	route -qn -T ${RDOMAIN2} flush || true
+	ifconfig lo${RDOMAIN1} destroy || true
+	ifconfig lo${RDOMAIN2} destroy || true
+	if [ $1 -ne 0 ]; then
+		echo FAILED
+		exit 1
+	else
+		echo SUCCESS
+	fi
+}
+
+if [ "$(id -u)" -ne 0 ]; then 
+	echo need root privileges >&2
+	exit 1
+fi
+
+trap 'error_notify $?' EXIT
+
+echo check if rdomains are busy
+for n in ${RDOMAINS}; do
+	if /sbin/ifconfig | grep -v "^lo${n}:" | grep " rdomain ${n} "; then
+		echo routing domain ${n} is already used >&2
+		exit 1
+	fi
+done
+
+echo check if interfaces are busy
+for n in ${PAIRS}; do
+	/sbin/ifconfig "${n}" >/dev/null 2>&1 && \
+	    ( echo interface ${n} is already used >&2; exit 1 )
+done
+
+set -x
+
+echo setup
+ifconfig ${PAIR1} rdomain ${RDOMAIN1} ${PAIR1IP}/29 up
+ifconfig ${PAIR2} rdomain ${RDOMAIN2} ${PAIR2IP}/29 up
+ifconfig ${PAIR1} inet6 ${PAIR1IP6}/64
+ifconfig ${PAIR2} inet6 ${PAIR2IP6}/64
+ifconfig ${PAIR2} alias ${PAIR2IP_2}/32
+ifconfig ${PAIR2} inet6 ${PAIR2IP6_2}/128
+ifconfig ${PAIR1} patch ${PAIR2}
+ifconfig lo${RDOMAIN1} inet 127.0.0.1/8
+ifconfig lo${RDOMAIN2} inet 127.0.0.1/8
+
+tcpdump -s 2000 -w /tmp/bgp.pcap -i ${PAIR1} &
+
+echo run bgpds
+route -T ${RDOMAIN1} exec ${BGPD} \
+	-v -f ${BGPDCONFIGDIR}/bgpd.maxattr.rdomain1.conf
+sleep 2
+route -T ${RDOMAIN2} exec ${BGPD} \
+	-v -f ${BGPDCONFIGDIR}/bgpd.maxattr.rdomain2_1.conf
+route -T ${RDOMAIN2} exec ${BGPD} \
+	-v -f ${BGPDCONFIGDIR}/bgpd.maxattr.rdomain2_2.conf
+sleep 1
+
+echo inject initial prefixes
+route -T ${RDOMAIN2} exec bgpctl network add 10.12.60.0/24
+route -T ${RDOMAIN2} exec bgpctl network add 10.12.61.0/24 community 0:1
+route -T ${RDOMAIN2} exec bgpctl network add 10.12.62.0/24 community 0:1
+route -T ${RDOMAIN2} exec bgpctl network add 10.12.63.0/24 community 0:1
+route -T ${RDOMAIN2} exec bgpctl network add 10.12.64.0/24 community 0:1
+route -T ${RDOMAIN2} exec bgpctl network add 10.12.65.0/24 community 0:1
+route -T ${RDOMAIN2} exec bgpctl network add 10.12.66.0/24 community 0:1
+route -T ${RDOMAIN2} exec bgpctl network add 2001:db8:60::/48
+route -T ${RDOMAIN2} exec bgpctl network add 2001:db8:61::/48 community 0:2
+route -T ${RDOMAIN2} exec bgpctl network add 2001:db8:62::/48 community 0:2
+route -T ${RDOMAIN2} exec bgpctl network add 2001:db8:63::/48 community 0:2
+route -T ${RDOMAIN2} exec bgpctl network add 2001:db8:64::/48 community 0:2
+route -T ${RDOMAIN2} exec bgpctl network add 2001:db8:65::/48 community 0:2
+route -T ${RDOMAIN2} exec bgpctl network add 2001:db8:66::/48 community 0:2
+
+sleep 4
+echo test1: check propagation
+route -T ${RDOMAIN1} exec bgpctl show rib out | tee maxattr.test1.out
+route -T ${RDOMAIN2} exec bgpctl -s /var/run/bgpd.sock.12_2 show rib | tee -a maxattr.test1.out
+
+echo update prefixes
+route -T ${RDOMAIN2} exec bgpctl network add 10.12.62.0/24 community 0:1 community 42:1
+route -T ${RDOMAIN2} exec bgpctl network add 10.12.63.0/24 community 0:1 community 42:2
+route -T ${RDOMAIN2} exec bgpctl network add 10.12.64.0/24 community 0:1 community 42:3
+route -T ${RDOMAIN2} exec bgpctl network add 10.12.65.0/24 community 0:1 community 42:4
+route -T ${RDOMAIN2} exec bgpctl network add 10.12.66.0/24 community 0:1 community 42:5
+route -T ${RDOMAIN2} exec bgpctl network add 2001:db8:62::/48 community 0:2 community 42:1
+route -T ${RDOMAIN2} exec bgpctl network add 2001:db8:63::/48 community 0:2 community 42:2
+route -T ${RDOMAIN2} exec bgpctl network add 2001:db8:64::/48 community 0:2 community 42:3
+route -T ${RDOMAIN2} exec bgpctl network add 2001:db8:65::/48 community 0:2 community 42:4
+route -T ${RDOMAIN2} exec bgpctl network add 2001:db8:66::/48 community 0:2 community 42:5
+
+sleep 2
+echo test2: check propagation
+route -T ${RDOMAIN1} exec bgpctl show rib out | tee maxattr.test2.out
+route -T ${RDOMAIN2} exec bgpctl -s /var/run/bgpd.sock.12_2 show rib | tee -a maxattr.test2.out
+
+echo check results
+diff -u ${BGPDCONFIGDIR}/maxattr.test1.ok maxattr.test1.out
+diff -u ${BGPDCONFIGDIR}/maxattr.test2.ok maxattr.test2.out
+echo OK
+
+exit 0

regress/usr.sbin/bgpd/integrationtests/maxattr.test1.ok

@@ -0,0 +1,42 @@
+flags: * = Valid, > = Selected, I = via IBGP, A = Announced,
+       S = Stale, E = Error, F = Filtered
+origin validation state: N = not-found, V = valid, ! = invalid
+aspa validation state: ? = unknown, V = valid, ! = invalid
+origin: i = IGP, e = EGP, ? = Incomplete
+
+flags  vs destination          gateway          lpref   med aspath origin
+*     N-? 10.12.60.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*     N-? 10.12.61.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*     N-? 10.12.62.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*     N-? 10.12.63.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*     N-? 10.12.64.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*     N-? 10.12.65.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*     N-? 10.12.66.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*     N-? 2001:db8:60::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*     N-? 2001:db8:61::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*     N-? 2001:db8:62::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*     N-? 2001:db8:63::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*     N-? 2001:db8:64::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*     N-? 2001:db8:65::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*     N-? 2001:db8:66::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+flags: * = Valid, > = Selected, I = via IBGP, A = Announced,
+       S = Stale, E = Error, F = Filtered
+origin validation state: N = not-found, V = valid, ! = invalid
+aspa validation state: ? = unknown, V = valid, ! = invalid
+origin: i = IGP, e = EGP, ? = Incomplete
+
+flags  vs destination          gateway          lpref   med aspath origin
+*>    N-? 10.12.60.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*>    N-? 10.12.61.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*>    N-? 10.12.62.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*>    N-? 10.12.63.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*>    N-? 10.12.64.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*>    N-? 10.12.65.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*>    N-? 10.12.66.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*>    N-? 2001:db8:60::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*>    N-? 2001:db8:61::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*>    N-? 2001:db8:62::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*>    N-? 2001:db8:63::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*>    N-? 2001:db8:64::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*>    N-? 2001:db8:65::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*>    N-? 2001:db8:66::/48     2001:db8:57::2    100     0 4200000001 4200000002 i

regress/usr.sbin/bgpd/integrationtests/maxattr.test2.ok

@@ -0,0 +1,34 @@
+flags: * = Valid, > = Selected, I = via IBGP, A = Announced,
+       S = Stale, E = Error, F = Filtered
+origin validation state: N = not-found, V = valid, ! = invalid
+aspa validation state: ? = unknown, V = valid, ! = invalid
+origin: i = IGP, e = EGP, ? = Incomplete
+
+flags  vs destination          gateway          lpref   med aspath origin
+*     N-? 10.12.60.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*     N-? 10.12.61.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*     N-? 10.12.62.0/24        10.12.57.2        100     0 4200000001 4200000001 4200000002 i
+*     N-? 10.12.63.0/24        10.12.57.2        100     0 4200000001 4200000001 4200000001 4200000001 4200000001 4200000001 4200000001 4200000001 4200000001 4200000001 4200000001 4200000002 i
+*     N-? 10.12.64.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*     N-? 10.12.65.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*     N-? 10.12.66.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*     N-? 2001:db8:60::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*     N-? 2001:db8:61::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*     N-? 2001:db8:62::/48     2001:db8:57::2    100     0 4200000001 4200000001 4200000002 i
+*     N-? 2001:db8:63::/48     2001:db8:57::2    100     0 4200000001 4200000001 4200000001 4200000001 4200000001 4200000001 4200000001 4200000001 4200000001 4200000001 4200000001 4200000002 i
+*     N-? 2001:db8:64::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*     N-? 2001:db8:65::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*     N-? 2001:db8:66::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+flags: * = Valid, > = Selected, I = via IBGP, A = Announced,
+       S = Stale, E = Error, F = Filtered
+origin validation state: N = not-found, V = valid, ! = invalid
+aspa validation state: ? = unknown, V = valid, ! = invalid
+origin: i = IGP, e = EGP, ? = Incomplete
+
+flags  vs destination          gateway          lpref   med aspath origin
+*>    N-? 10.12.60.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*>    N-? 10.12.61.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*>    N-? 10.12.66.0/24        10.12.57.2        100     0 4200000001 4200000002 i
+*>    N-? 2001:db8:60::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*>    N-? 2001:db8:61::/48     2001:db8:57::2    100     0 4200000001 4200000002 i
+*>    N-? 2001:db8:66::/48     2001:db8:57::2    100     0 4200000001 4200000002 i

share/man/man4/netintro.4

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: netintro.4,v 1.53 2018/07/09 09:18:52 schwarze Exp $
+.\"	$OpenBSD: netintro.4,v 1.55 2024/09/23 20:38:49 kn Exp $
 .\"	$NetBSD: netintro.4,v 1.4 1995/10/19 08:03:40 jtc Exp $
 .\"
 .\" Copyright (c) 1983, 1990, 1991, 1993
@@ -30,7 +30,7 @@
 .\"
 .\"     @(#)netintro.4	8.2 (Berkeley) 11/30/93
 .\"
-.Dd $Mdocdate: July 9 2018 $
+.Dd $Mdocdate: September 23 2024 $
 .Dt NETINTRO 4
 .Os
 .Sh NAME
@@ -201,7 +201,6 @@ structure pointer as their parameter.
 This structure is as follows:
 .Bd -literal
 struct	ifreq {
-#define IFNAMSIZ 16
 	char	ifr_name[IFNAMSIZ];		/* if name, e.g. "en0" */
 	union {
 		struct	sockaddr	ifru_addr;
@@ -225,9 +224,12 @@ struct	ifreq {
 #define	ifr_rdomainid	ifr_ifru.ifru_metric	/* VRF instance (overload) */
 #define ifr_vnetid	ifr_ifru.ifru_vnetid	/* Virtual Net Id */
 #define ifr_ttl		ifr_ifru.ifru_metric	/* tunnel TTL (overload) */
+#define ifr_df		ifr_ifru.ifru_metric	/* tunnel DF (overload) */
 #define	ifr_data	ifr_ifru.ifru_data	/* for use by interface */
 #define ifr_index	ifr_ifru.ifru_index	/* interface index */
 #define ifr_llprio	ifr_ifru.ifru_metric	/* link layer priority */
+#define ifr_hdrprio	ifr_ifru.ifru_metric	/* header prio field config */
+#define ifr_pwe3	ifr_ifru.ifru_metric	/* PWE3 type */
 };
 .Ed
 .Pp
@@ -282,6 +284,8 @@ When marked up again, the interface is reinitialized.
 Get the interface flags.
 .It Dv SIOCGIFXFLAGS Fa "struct ifreq *"
 Get the extended interface flags.
+.It Dv SIOCSIFMTU Fa "struct ifreq *"
+Set the MTU of the interface.
 .It Dv SIOCGIFMTU Fa "struct ifreq *"
 Get the current MTU of the interface.
 .It Dv SIOCGIFHARDMTU Fa "struct ifreq *"
@@ -299,11 +303,11 @@ structure is as follows:
 .Bd -literal
 struct ifmediareq {
 	char		ifm_name[IFNAMSIZ];	/* if name, e.g. "en0" */
-	uint64_t	ifm_current;	/* current media options */
+	uint64_t	ifm_current;		/* get/set current media options */
 	uint64_t	ifm_mask;		/* don't care mask */
 	uint64_t	ifm_status;		/* media status */
 	uint64_t	ifm_active;		/* active options */
-	int		ifm_count;	/* #entries in ifm_ulist array */
+	int		ifm_count;		/* # entries in ifm_ulist array */
 	uint64_t	*ifm_ulist;		/* media words */
 };
 .Ed
@@ -354,7 +358,13 @@ structure is as follows:
 .Bd -literal
 struct ifaliasreq {
 	char	ifra_name[IFNAMSIZ];		/* if name, e.g. "en0" */
-	struct	sockaddr ifra_addr;
+	union {
+		struct	sockaddr ifrau_addr;
+		int	ifrau_align;
+	 } ifra_ifrau;
+#ifndef ifra_addr
+#define ifra_addr	ifra_ifrau.ifrau_addr
+#endif
 	struct	sockaddr ifra_dstaddr;
 #define	ifra_broadaddr	ifra_dstaddr
 	struct	sockaddr ifra_mask;
@@ -406,7 +416,7 @@ struct ifconf {
 		struct	ifreq *ifcu_req;
 	} ifc_ifcu;
 #define	ifc_buf	ifc_ifcu.ifcu_buf	/* buffer address */
-#define ifc_req ifc_ifcu.ifcu_req /* array of structures ret'd */
+#define	ifc_req	ifc_ifcu.ifcu_req	/* array of structures returned */
 };
 .Ed
 .It Dv SIOCIFCREATE Fa "struct ifreq *"
@@ -439,7 +449,7 @@ structure is as follows:
 .Bd -literal
 struct if_clonereq {
 	int   ifcr_total;  /* total cloners (out) */
-	int   ifcr_count;  /* room for this many in user buf */
+	int   ifcr_count;  /* room for this many in user buffer */
 	char *ifcr_buffer; /* buffer for cloner names */
 };
 .Ed
@@ -453,7 +463,12 @@ The
 structure is as follows:
 .Bd -literal
 struct ifg_req {
-	char			 ifgrq_group[IFNAMSIZ];
+	union {
+		char			 ifgrqu_group[IFNAMSIZ];
+		char			 ifgrqu_member[IFNAMSIZ];
+	} ifgrq_ifgrqu;
+#define	ifgrq_group	ifgrq_ifgrqu.ifgrqu_group
+#define	ifgrq_member	ifgrq_ifgrqu.ifgrqu_member
 };
 
 struct ifgroupreq {
@@ -462,9 +477,11 @@ struct ifgroupreq {
 	union {
 		char			 ifgru_group[IFNAMSIZ];
 		struct	ifg_req		*ifgru_groups;
+		struct	ifg_attrib	 ifgru_attrib;
 	} ifgr_ifgru;
 #define ifgr_group	ifgr_ifgru.ifgru_group
 #define ifgr_groups	ifgr_ifgru.ifgru_groups
+#define ifgr_attrib	ifgr_ifgru.ifgru_attrib
 };
 .Ed
 .It Dv SIOCGIFGROUP Fa "struct ifgroupreq *"

sys/conf/newvers.sh

@@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$OpenBSD: newvers.sh,v 1.205 2024/09/17 13:39:17 deraadt Exp $
+#	$OpenBSD: newvers.sh,v 1.207 2024/09/23 21:05:28 deraadt Exp $
 #	$NetBSD: newvers.sh,v 1.17.2.1 1995/10/12 05:17:11 jtc Exp $
 #
 # Copyright (c) 1984, 1986, 1990, 1993
@@ -71,10 +71,10 @@ ost="SecBSD"
 osr="1.6"
 
 cat >vers.c <<eof
-#define STATUS ""			/* release */
-#if 0
-#define STATUS "-beta"			/* just before a release */
 #define STATUS "-current"		/* just after a release */
+#if 0
+#define STATUS ""			/* release */
+#define STATUS "-beta"			/* just before a release */
 #define STATUS "-stable"		/* stable branch */
 #endif
 

sys/dev/pci/drm/i915/gt/uc/intel_guc_ads.c

@@ -259,7 +259,7 @@ __mmio_reg_add(struct temp_regset *regset, struct guc_mmio_reg *reg)
 
 	if (pos >= regset->storage_max) {
 		size_t size = ALIGN((pos + 1) * sizeof(*slot), PAGE_SIZE);
-#ifdef ___linux__
+#ifdef __linux__
 		struct guc_mmio_reg *r = krealloc(regset->storage,
 						  size, GFP_KERNEL);
 		if (!r) {

sys/kern/kern_pledge.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.319 2024/09/04 07:45:08 jsg Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.320 2024/09/24 02:22:42 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -997,6 +997,11 @@ pledge_sysctl(struct proc *p, int miblen, int *mib, void *new)
 	    mib[0] == CTL_MACHDEP && mib[1] == CPU_ID_AA64ISAR0)
 		return (0);
 #endif /* CPU_ID_AA64ISAR0 */
+#ifdef CPU_ID_AA64ISAR1
+	if (miblen == 2 &&		/* arm64 libcrypto inspects CPU features */
+	    mib[0] == CTL_MACHDEP && mib[1] == CPU_ID_AA64ISAR1)
+		return (0);
+#endif /* CPU_ID_AA64ISAR1 */
 
 	snprintf(buf, sizeof(buf), "%s(%d): pledge sysctl %d:",
 	    p->p_p->ps_comm, p->p_p->ps_pid, miblen);

sys/kern/kern_sysctl.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_sysctl.c,v 1.446 2024/08/29 10:44:40 bluhm Exp $	*/
+/*	$OpenBSD: kern_sysctl.c,v 1.447 2024/09/24 12:37:11 bluhm Exp $	*/
 /*	$NetBSD: kern_sysctl.c,v 1.17 1996/05/20 17:49:05 mrg Exp $	*/
 
 /*-
@@ -2491,7 +2491,7 @@ sysctl_diskinit(int update, struct proc *p)
 
 	/* Run in a loop, disks may change while malloc sleeps. */
 	while (disk_change) {
-		int tlen;
+		int tlen, count;
 
 		disk_change = 0;
 
@@ -2502,6 +2502,8 @@ sysctl_diskinit(int update, struct proc *p)
 			tlen += 18;	/* label uid + separators */
 		}
 		tlen++;
+		/* disk_count may change when malloc sleeps */
+		count = disk_count;
 
 		/*
 		 * The sysctl_disklock ensures that no other process can
@@ -2511,9 +2513,9 @@ sysctl_diskinit(int update, struct proc *p)
 		free(diskstats, M_SYSCTL, diskstatslen);
 		diskstats = NULL;
 		disknames = NULL;
-		diskstats = mallocarray(disk_count, sizeof(struct diskstats),
+		diskstats = mallocarray(count, sizeof(struct diskstats),
 		    M_SYSCTL, M_WAITOK|M_ZERO);
-		diskstatslen = disk_count * sizeof(struct diskstats);
+		diskstatslen = count * sizeof(struct diskstats);
 		disknames = malloc(tlen, M_SYSCTL, M_WAITOK|M_ZERO);
 		disknameslen = tlen;
 		disknames[0] = '\0';

sys/kern/subr_witness.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: subr_witness.c,v 1.53 2024/06/03 14:34:19 claudio Exp $	*/
+/*	$OpenBSD: subr_witness.c,v 1.54 2024/09/25 18:24:13 bluhm Exp $	*/
 
 /*-
  * Copyright (c) 2008 Isilon Systems, Inc.
@@ -766,7 +766,6 @@ witness_checkorder(struct lock_object *lock, int flags,
 	struct lock_list_entry *lock_list, *lle;
 	struct lock_instance *lock1, *lock2, *plock;
 	struct lock_class *class, *iclass;
-	struct proc *p;
 	struct witness *w, *w1;
 	int i, j, s;
 
@@ -792,9 +791,9 @@ witness_checkorder(struct lock_object *lock, int flags,
 		w = lock->lo_witness =
 		    enroll(lock->lo_type, lock->lo_name, class);
 
-	p = curproc;
-
 	if (class->lc_flags & LC_SLEEPLOCK) {
+		struct proc *p;
+
 		/*
 		 * Since spin locks include a critical section, this check
 		 * implicitly enforces a lock order of all sleep locks before
@@ -811,6 +810,9 @@ witness_checkorder(struct lock_object *lock, int flags,
 		 * If this is the first lock acquired then just return as
 		 * no order checking is needed.
 		 */
+		p = curproc;
+		if (p == NULL)
+			return;
 		lock_list = p->p_sleeplocks;
 		if (lock_list == NULL || lock_list->ll_count == 0)
 			return;
@@ -1097,7 +1099,6 @@ witness_lock(struct lock_object *lock, int flags)
 {
 	struct lock_list_entry **lock_list, *lle;
 	struct lock_instance *instance;
-	struct proc *p;
 	struct witness *w;
 	int s;
 
@@ -1110,12 +1111,15 @@ witness_lock(struct lock_object *lock, int flags)
 		w = lock->lo_witness =
 		    enroll(lock->lo_type, lock->lo_name, LOCK_CLASS(lock));
 
-	p = curproc;
-
 	/* Determine lock list for this lock. */
-	if (LOCK_CLASS(lock)->lc_flags & LC_SLEEPLOCK)
+	if (LOCK_CLASS(lock)->lc_flags & LC_SLEEPLOCK) {
+		struct proc *p;
+
+		p = curproc;
+		if (p == NULL)
+			return;
 		lock_list = &p->p_sleeplocks;
-	else
+	} else
 		lock_list = &witness_cpu[cpu_number()].wc_spinlocks;
 
 	s = splhigh();
@@ -1243,20 +1247,23 @@ witness_unlock(struct lock_object *lock, int flags)
 	struct lock_list_entry **lock_list, *lle;
 	struct lock_instance *instance;
 	struct lock_class *class;
-	struct proc *p;
 	int i, j;
 	int s;
 
 	if (witness_cold || lock->lo_witness == NULL ||
 	    panicstr != NULL || db_active)
 		return;
-	p = curproc;
 	class = LOCK_CLASS(lock);
 
 	/* Find lock instance associated with this lock. */
-	if (class->lc_flags & LC_SLEEPLOCK)
+	if (class->lc_flags & LC_SLEEPLOCK) {
+		struct proc *p;
+
+		p = curproc;
+		if (p == NULL)
+			return;
 		lock_list = &p->p_sleeplocks;
-	else
+	} else
 		lock_list = &witness_cpu[cpu_number()].wc_spinlocks;
 
 	s = splhigh();

usr.bin/dig/dig.1

@@ -1,4 +1,4 @@
-.\" $OpenBSD: dig.1,v 1.6 2022/02/17 14:08:11 jsg Exp $
+.\" $OpenBSD: dig.1,v 1.7 2024/09/25 06:13:01 jmc Exp $
 .\"
 .\" Copyright (C) 2000-2011, 2013-2018 Internet Systems Consortium, Inc. ("ISC")
 .\"
@@ -14,7 +14,7 @@
 .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 .\" PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: February 17 2022 $
+.Dd $Mdocdate: September 25 2024 $
 .Dt DIG 1
 .Os
 .Sh NAME
@@ -307,11 +307,9 @@ The query options are:
 .Cm aaflag
 .Xc
 A synonym for
-.Xo
 .Cm + Ns
 .Op Cm no Ns
 .Cm aaonly .
-.Xc
 .It Xo
 .Cm + Ns
 .Op Cm no Ns
@@ -413,11 +411,9 @@ is automatically set when
 is in use, to better emulate the default queries from a name server.
 .Pp
 This option was formerly called
-.Xo
 .Cm + Ns
 .Op Cm no Ns
 .Cm sit
-.Xc
 (Server Identity Token).
 In BIND 9.10.0 through BIND 9.10.2,
 it sent the experimental option code 65001.
@@ -425,17 +421,13 @@ This was changed to option code 10 in BIND 9.10.3 when the DNS
 COOKIE option was allocated.
 .Pp
 The
-.Xo
 .Cm + Ns
 .Op Cm no Ns
 .Cm sit
-.Xc
 option is now deprecated, but has been retained as a synonym for
-.Xo
 .Cm + Ns
 .Op Cm no Ns
 .Cm cookie
-.Xc
 for backward compatibility within the BIND 9.10 branch.
 .It Xo
 .Cm + Ns
@@ -453,11 +445,9 @@ the key id is displayed as the replacement, e.g. "[ key id = value ]".
 .Cm defname
 .Xc
 Deprecated, treated as a synonym for
-.Xo
 .Cm + Ns
 .Op Cm no Ns
-.Cm search
+.Cm search .
-.Xc .
 .It Xo
 .Cm + Ns
 .Op Cm no Ns
@@ -650,11 +640,9 @@ is returned (on by default).
 .Cm rdflag
 .Xc
 A synonym for
-.Xo
 .Cm + Ns
 .Op Cm no Ns
-.Cm recurse
+.Cm recurse .
-.Xc .
 .It Xo
 .Cm + Ns
 .Op Cm no Ns
@@ -817,11 +805,9 @@ Display the TTL when printing the record (on by default).
 .Xc
 Use TCP when querying name servers.
 This alternate syntax to
-.Xo
 .Cm + Ns
 .Op Cm no Ns
 .Cm tcp
-.Xc
 is provided for backwards compatibility.
 The "vc" stands for "virtual circuit".
 .El
@@ -848,11 +834,9 @@ also be supplied.
 These global query options must precede the first tuple of name, class, type,
 options, flags, and query options supplied on the command line.
 Any global query options (except the
-.Xo
 .Cm + Ns
 .Op Cm no Ns
 .Cm cmd
-.Xc
 option) can be overridden by a query-specific set of query options.
 For example:
 .Bd -literal -offset indent

usr.bin/ssh/misc.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.196 2024/06/06 17:15:25 djm Exp $ */
+/* $OpenBSD: misc.c,v 1.197 2024/09/25 01:24:04 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2005-2020 Damien Miller.  All rights reserved.
@@ -87,6 +87,27 @@ rtrim(char *s)
 	}
 }
 
+/*
+ * returns pointer to character after 'prefix' in 's' or otherwise NULL
+ * if the prefix is not present.
+ */
+const char *
+strprefix(const char *s, const char *prefix, int ignorecase)
+{
+	size_t prefixlen;
+
+	if ((prefixlen = strlen(prefix)) == 0)
+		return s;
+	if (ignorecase) {
+		if (strncasecmp(s, prefix, prefixlen) != 0)
+			return NULL;
+	} else {
+		if (strncmp(s, prefix, prefixlen) != 0)
+			return NULL;
+	}
+	return s + prefixlen;
+}
+
 /* set/unset filedescriptor to non-blocking */
 int
 set_nonblock(int fd)

usr.bin/ssh/misc.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.109 2024/06/06 17:15:25 djm Exp $ */
+/* $OpenBSD: misc.h,v 1.110 2024/09/25 01:24:04 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -56,6 +56,7 @@ struct ForwardOptions {
 char	*chop(char *);
 void	 rtrim(char *);
 void	skip_space(char **);
+const char *strprefix(const char *, const char *, int);
 char	*strdelim(char **);
 char	*strdelimw(char **);
 int	 set_nonblock(int);

usr.bin/ssh/readconf.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.390 2024/09/15 00:57:36 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.391 2024/09/25 01:24:04 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -687,7 +687,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp,
     struct passwd *pw, const char *host_arg, const char *original_host,
     int final_pass, int *want_final_pass, const char *filename, int linenum)
 {
-	char *arg, *oattrib, *attrib, *cmd, *host, *criteria;
+	char *arg, *oattrib, *attrib = NULL, *cmd, *host, *criteria;
 	const char *ruser;
 	int r, this_result, result = 1, attributes = 0, negate;
 
@@ -708,7 +708,8 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp,
 
 	debug2("checking match for '%s' host %s originally %s",
 	    full_line, host, original_host);
-	while ((oattrib = attrib = argv_next(acp, avp)) != NULL) {
+	while ((oattrib = argv_next(acp, avp)) != NULL) {
+		attrib = xstrdup(oattrib);
 		/* Terminate on comment */
 		if (*attrib == '#') {
 			argv_consume(acp);
@@ -754,9 +755,23 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp,
 			    this_result ? "" : "not ", oattrib);
 			continue;
 		}
+
+		/* Keep this list in sync with below */
+		if (strprefix(attrib, "host=", 1)  != NULL ||
+		    strprefix(attrib, "originalhost=", 1) != NULL ||
+		    strprefix(attrib, "user=", 1) != NULL ||
+		    strprefix(attrib, "localuser=", 1) != NULL ||
+		    strprefix(attrib, "localnetwork=", 1) != NULL ||
+		    strprefix(attrib, "tagged=", 1) != NULL ||
+		    strprefix(attrib, "exec=", 1) != NULL) {
+			arg = strchr(attrib, '=');
+			*(arg++) = '\0';
+		} else {
+			arg = argv_next(acp, avp);
+		}
+
 		/* All other criteria require an argument */
-		if ((arg = argv_next(acp, avp)) == NULL ||
+		if (arg == NULL || *arg == '\0' || *arg == '#') {
-		    *arg == '\0' || *arg == '#') {
 			error("Missing Match criteria for %s", attrib);
 			result = -1;
 			goto out;
@@ -833,6 +848,8 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp,
 		    criteria == NULL ? "" : criteria,
 		    criteria == NULL ? "" : "\"");
 		free(criteria);
+		free(attrib);
+		attrib = NULL;
 	}
 	if (attributes == 0) {
 		error("One or more attributes required for Match");
@@ -842,6 +859,7 @@ match_cfg_line(Options *options, const char *full_line, int *acp, char ***avp,
  out:
 	if (result != -1)
 		debug2("match %sfound", result ? "" : "not ");
+	free(attrib);
 	free(host);
 	return result;
 }

usr.bin/ssh/servconf.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.c,v 1.418 2024/09/15 03:09:44 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.419 2024/09/25 01:24:04 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -973,7 +973,7 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
     int line, struct connection_info *ci)
 {
 	int result = 1, attributes = 0, port;
-	char *arg, *attrib;
+	char *arg, *attrib = NULL, *oattrib;
 
 	if (ci == NULL)
 		debug3("checking syntax for 'Match %s'", full_line);
@@ -987,7 +987,8 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
 		    ci->laddress ? ci->laddress : "(null)", ci->lport);
 	}
 
-	while ((attrib = argv_next(acp, avp)) != NULL) {
+	while ((oattrib = argv_next(acp, avp)) != NULL) {
+		attrib = xstrdup(oattrib);
 		/* Terminate on comment */
 		if (*attrib == '#') {
 			argv_consume(acp); /* mark all arguments consumed */
@@ -1002,11 +1003,13 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
 			    *arg != '\0' && *arg != '#')) {
 				error("'all' cannot be combined with other "
 				    "Match attributes");
-				return -1;
+				result = -1;
+				goto out;
 			}
 			if (arg != NULL && *arg == '#')
 				argv_consume(acp); /* consume remaining args */
-			return 1;
+			result = 1;
+			goto out;
 		}
 		/* Criterion "invalid-user" also has no argument */
 		if (strcasecmp(attrib, "invalid-user") == 0) {
@@ -1018,11 +1021,26 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
 				debug("matched invalid-user at line %d", line);
 			continue;
 		}
+
+		/* Keep this list in sync with below */
+		if (strprefix(attrib, "user=", 1) != NULL ||
+		    strprefix(attrib, "group=", 1) != NULL ||
+		    strprefix(attrib, "host=", 1) != NULL ||
+		    strprefix(attrib, "address=", 1) != NULL ||
+		    strprefix(attrib, "localaddress=", 1) != NULL ||
+		    strprefix(attrib, "localport=", 1) != NULL ||
+		    strprefix(attrib, "rdomain=", 1) != NULL) {
+			arg = strchr(attrib, '=');
+			*(arg++) = '\0';
+		} else {
+			arg = argv_next(acp, avp);
+		}
+
 		/* All other criteria require an argument */
-		if ((arg = argv_next(acp, avp)) == NULL ||
+		if (arg == NULL || *arg == '\0' || *arg == '#') {
-		    *arg == '\0' || *arg == '#') {
 			error("Missing Match criteria for %s", attrib);
-			return -1;
+			result = -1;
+			goto out;
 		}
 		if (strcasecmp(attrib, "user") == 0) {
 			if (ci == NULL || (ci->test && ci->user == NULL)) {
@@ -1045,7 +1063,8 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
 				match_test_missing_fatal("Group", "user");
 			switch (match_cfg_line_group(arg, line, ci->user)) {
 			case -1:
-				return -1;
+				result = -1;
+				goto out;
 			case 0:
 				result = 0;
 			}
@@ -1081,7 +1100,8 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
 				result = 0;
 				break;
 			case -2:
-				return -1;
+				result = -1;
+				goto out;
 			}
 		} else if (strcasecmp(attrib, "localaddress") == 0){
 			if (ci == NULL || (ci->test && ci->laddress == NULL)) {
@@ -1106,13 +1126,15 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
 				result = 0;
 				break;
 			case -2:
-				return -1;
+				result = -1;
+				goto out;
 			}
 		} else if (strcasecmp(attrib, "localport") == 0) {
 			if ((port = a2port(arg)) == -1) {
 				error("Invalid LocalPort '%s' on Match line",
 				    arg);
-				return -1;
+				result = -1;
+				goto out;
 			}
 			if (ci == NULL || (ci->test && ci->lport == -1)) {
 				result = 0;
@@ -1140,16 +1162,21 @@ match_cfg_line(const char *full_line, int *acp, char ***avp,
 				debug("user %.100s matched 'RDomain %.100s' at "
 				    "line %d", ci->rdomain, arg, line);
 		} else {
-			error("Unsupported Match attribute %s", attrib);
+			error("Unsupported Match attribute %s", oattrib);
-			return -1;
+			result = -1;
+			goto out;
 		}
+		free(attrib);
+		attrib = NULL;
 	}
 	if (attributes == 0) {
 		error("One or more attributes required for Match");
 		return -1;
 	}
-	if (ci != NULL)
+ out:
+	if (ci != NULL && result != -1)
 		debug3("match %sfound", result ? "" : "not ");
+	free(attrib);
 	return result;
 }
 

usr.bin/ssh/ssh-agent.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.306 2024/03/09 05:12:13 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.307 2024/09/24 02:28:17 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1690,6 +1690,10 @@ process_ext_session_bind(SocketEntry *e)
 		error_fr(r, "parse");
 		goto out;
 	}
+	if (sshbuf_len(sid) > AGENT_MAX_SID_LEN) {
+		error_f("session ID too long");
+		goto out;
+	}
 	if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT,
 	    SSH_FP_DEFAULT)) == NULL)
 		fatal_f("fingerprint failed");

usr.bin/ssh/ssh_config.5

@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.402 2024/09/09 14:41:21 naddy Exp $
+.\" $OpenBSD: ssh_config.5,v 1.403 2024/09/25 06:13:01 jmc Exp $
-.Dd $Mdocdate: September 9 2024 $
+.Dd $Mdocdate: September 25 2024 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -1585,14 +1585,12 @@ ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
 .Ed
 .It Cm ProxyJump
 Specifies one or more jump proxies as either
-.Xo
 .Sm off
 .Op Ar user No @
 .Ar host
 .Op : Ns Ar port
 .Sm on
-or an ssh URI
+or an ssh URI.
-.Xc .
 Multiple proxies may be separated by comma characters and will be visited
 sequentially.
 Setting this option will cause

usr.bin/systat/systat.1

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: systat.1,v 1.122 2022/11/27 22:52:21 kn Exp $
+.\"	$OpenBSD: systat.1,v 1.123 2024/09/25 06:13:01 jmc Exp $
 .\"	$NetBSD: systat.1,v 1.6 1996/05/10 23:16:39 thorpej Exp $
 .\"
 .\" Copyright (c) 1985, 1990, 1993
@@ -30,7 +30,7 @@
 .\"
 .\"	@(#)systat.1	8.2 (Berkeley) 12/30/93
 .\"
-.Dd $Mdocdate: November 27 2022 $
+.Dd $Mdocdate: September 25 2024 $
 .Dt SYSTAT 1
 .Os
 .Sh NAME
@@ -265,10 +265,8 @@ The
 .Dq State
 column has the format
 .Sm off
-.Xo
 .Cm up | dn
 .Bq : Cm U | D .
-.Xc
 .Sm on
 .Sq up
 and

usr.sbin/bgpd/rde.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: rde.c,v 1.633 2024/09/10 09:38:45 claudio Exp $ */
+/*	$OpenBSD: rde.c,v 1.634 2024/09/25 14:46:51 claudio Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -3383,11 +3383,7 @@ rde_update_queue_runner(uint8_t aid)
 			if (RB_EMPTY(&peer->withdraws[aid]))
 				continue;
 
-			if ((buf = ibuf_dynamic(4, 4096 - MSGSIZE_HEADER)) ==
+			if ((buf = up_dump_withdraws(peer, aid)) == NULL) {
-			    NULL)
-				fatal("%s", __func__);
-			if (up_dump_withdraws(buf, peer, aid) == -1) {
-				ibuf_free(buf);
 				continue;
 			}
 			if (imsg_compose_ibuf(ibuf_se, IMSG_UPDATE,
@@ -3422,11 +3418,7 @@ rde_update_queue_runner(uint8_t aid)
 				continue;
 			}
 
-			if ((buf = ibuf_dynamic(4, 4096 - MSGSIZE_HEADER)) ==
+			if ((buf = up_dump_update(peer, aid)) == NULL) {
-			    NULL)
-				fatal("%s", __func__);
-			if (up_dump_update(buf, peer, aid) == -1) {
-				ibuf_free(buf);
 				continue;
 			}
 			if (imsg_compose_ibuf(ibuf_se, IMSG_UPDATE,

usr.sbin/bgpd/rde.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: rde.h,v 1.305 2024/08/28 13:21:39 claudio Exp $ */
+/*	$OpenBSD: rde.h,v 1.306 2024/09/25 14:46:51 claudio Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Claudio Jeker <claudio@openbsd.org> and
@@ -702,8 +702,8 @@ void		 up_generate_addpath_all(struct rde_peer *, struct rib_entry *,
 		    struct prefix *, struct prefix *);
 void		 up_generate_default(struct rde_peer *, uint8_t);
 int		 up_is_eor(struct rde_peer *, uint8_t);
-int		 up_dump_withdraws(struct ibuf *, struct rde_peer *, uint8_t);
+struct ibuf	*up_dump_withdraws(struct rde_peer *, uint8_t);
-int		 up_dump_update(struct ibuf *, struct rde_peer *, uint8_t);
+struct ibuf	*up_dump_update(struct rde_peer *, uint8_t);
 
 /* rde_aspa.c */
 void		 aspa_validation(struct rde_aspa *, struct aspath *,

usr.sbin/bgpd/rde_update.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: rde_update.c,v 1.168 2024/05/30 08:29:30 claudio Exp $ */
+/*	$OpenBSD: rde_update.c,v 1.169 2024/09/25 14:46:51 claudio Exp $ */
 
 /*
  * Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org>
@@ -25,6 +25,7 @@
 #include <stdio.h>
 
 #include "bgpd.h"
+#include "session.h"
 #include "rde.h"
 #include "log.h"
 
@@ -948,7 +949,7 @@ up_generate_mp_reach(struct ibuf *buf, struct rde_peer *peer,
 
 	if (up_dump_prefix(buf, &peer->updates[aid], peer, 0) == -1)
 		/* no prefixes written, fail update  */
-		return (-1);
+		return -1;
 
 	/* update MP_REACH attribute length field */
 	len = ibuf_size(buf) - off - sizeof(len);
@@ -983,61 +984,144 @@ up_generate_mp_reach(struct ibuf *buf, struct rde_peer *peer,
  * how may routes can be added. Return 0 on success -1 on error which
  * includes generating an empty withdraw message.
  */
-int
+struct ibuf *
-up_dump_withdraws(struct ibuf *buf, struct rde_peer *peer, uint8_t aid)
+up_dump_withdraws(struct rde_peer *peer, uint8_t aid)
 {
+	struct ibuf *buf;
 	size_t off;
 	uint16_t afi, len;
 	uint8_t safi;
 
+	if ((buf = ibuf_dynamic(4, 4096 - MSGSIZE_HEADER)) == NULL)
+		goto fail;
+
 	/* reserve space for the withdrawn routes length field */
 	off = ibuf_size(buf);
 	if (ibuf_add_zero(buf, sizeof(len)) == -1)
-		return -1;
+		goto fail;
 
 	if (aid != AID_INET) {
 		/* reserve space for 2-byte path attribute length */
 		off = ibuf_size(buf);
 		if (ibuf_add_zero(buf, sizeof(len)) == -1)
-			return -1;
+			goto fail;
 
 		/* attribute header, defaulting to extended length one */
 		if (ibuf_add_n8(buf, ATTR_OPTIONAL | ATTR_EXTLEN) == -1)
-			return -1;
+			goto fail;
 		if (ibuf_add_n8(buf, ATTR_MP_UNREACH_NLRI) == -1)
-			return -1;
+			goto fail;
 		if (ibuf_add_zero(buf, sizeof(len)) == -1)
-			return -1;
+			goto fail;
 
 		/* afi & safi */
 		if (aid2afi(aid, &afi, &safi))
-			fatalx("up_dump_mp_unreach: bad AID");
+			fatalx("%s: bad AID", __func__);
 		if (ibuf_add_n16(buf, afi) == -1)
-			return -1;
+			goto fail;
 		if (ibuf_add_n8(buf, safi) == -1)
-			return -1;
+			goto fail;
 	}
 
 	if (up_dump_prefix(buf, &peer->withdraws[aid], peer, 1) == -1)
-		return -1;
+		goto fail;
 
 	/* update length field (either withdrawn routes or attribute length) */
 	len = ibuf_size(buf) - off - sizeof(len);
 	if (ibuf_set_n16(buf, off, len) == -1)
-		return -1;
+		goto fail;
 
 	if (aid != AID_INET) {
 		/* write MP_UNREACH_NLRI attribute length (always extended) */
 		len -= 4; /* skip attribute header */
 		if (ibuf_set_n16(buf, off + sizeof(len) + 2, len) == -1)
-			return -1;
+			goto fail;
 	} else {
 		/* no extra attributes so set attribute len to 0 */
-		if (ibuf_add_zero(buf, sizeof(len)) == -1)
+		if (ibuf_add_zero(buf, sizeof(len)) == -1) {
-			return -1;
+			goto fail;
+		}
 	}
 
-	return 0;
+	return buf;
+
+ fail:
+	/* something went horribly wrong */
+	log_peer_warn(&peer->conf, "generating withdraw failed, peer desynced");
+	ibuf_free(buf);
+	return NULL;
+}
+
+/*
+ * Withdraw a single prefix after an error.
+ */
+static struct ibuf *
+up_dump_withdraw_one(struct rde_peer *peer, struct prefix *p, struct ibuf *buf)
+{
+	size_t off;
+	int has_ap;
+	uint16_t afi, len;
+	uint8_t safi;
+
+	/* reset the buffer and start fresh */
+	ibuf_truncate(buf, 0);
+
+	/* reserve space for the withdrawn routes length field */
+	off = ibuf_size(buf);
+	if (ibuf_add_zero(buf, sizeof(len)) == -1)
+		goto fail;
+
+	if (p->pt->aid != AID_INET) {
+		/* reserve space for 2-byte path attribute length */
+		off = ibuf_size(buf);
+		if (ibuf_add_zero(buf, sizeof(len)) == -1)
+			goto fail;
+
+		/* attribute header, defaulting to extended length one */
+		if (ibuf_add_n8(buf, ATTR_OPTIONAL | ATTR_EXTLEN) == -1)
+			goto fail;
+		if (ibuf_add_n8(buf, ATTR_MP_UNREACH_NLRI) == -1)
+			goto fail;
+		if (ibuf_add_zero(buf, sizeof(len)) == -1)
+			goto fail;
+
+		/* afi & safi */
+		if (aid2afi(p->pt->aid, &afi, &safi))
+			fatalx("%s: bad AID", __func__);
+		if (ibuf_add_n16(buf, afi) == -1)
+			goto fail;
+		if (ibuf_add_n8(buf, safi) == -1)
+			goto fail;
+	}
+
+	has_ap = peer_has_add_path(peer, p->pt->aid, CAPA_AP_SEND);
+	if (pt_writebuf(buf, p->pt, 1, has_ap, p->path_id_tx) == -1)
+		goto fail;
+
+	/* update length field (either withdrawn routes or attribute length) */
+	len = ibuf_size(buf) - off - sizeof(len);
+	if (ibuf_set_n16(buf, off, len) == -1)
+		goto fail;
+
+	if (p->pt->aid != AID_INET) {
+		/* write MP_UNREACH_NLRI attribute length (always extended) */
+		len -= 4; /* skip attribute header */
+		if (ibuf_set_n16(buf, off + sizeof(len) + 2, len) == -1)
+			goto fail;
+	} else {
+		/* no extra attributes so set attribute len to 0 */
+		if (ibuf_add_zero(buf, sizeof(len)) == -1) {
+			goto fail;
+		}
+	}
+
+	return buf;
+
+ fail:
+	/* something went horribly wrong */
+	log_peer_warn(&peer->conf, "generating withdraw failed, peer desynced");
+	ibuf_free(buf);
+	return NULL;
 }
 
 /*
@@ -1046,9 +1130,10 @@ up_dump_withdraws(struct ibuf *buf, struct rde_peer *peer, uint8_t aid)
  * and then tries to add as many prefixes using these attributes.
  * Return 0 on success -1 on error which includes producing an empty message.
  */
-int
+struct ibuf *
-up_dump_update(struct ibuf *buf, struct rde_peer *peer, uint8_t aid)
+up_dump_update(struct rde_peer *peer, uint8_t aid)
 {
+	struct ibuf *buf;
 	struct bgpd_addr addr;
 	struct prefix *p;
 	size_t off;
@@ -1056,20 +1141,23 @@ up_dump_update(struct ibuf *buf, struct rde_peer *peer, uint8_t aid)
 
 	p = RB_MIN(prefix_tree, &peer->updates[aid]);
 	if (p == NULL)
-		return -1;
+		return NULL;
+
+	if ((buf = ibuf_dynamic(4, 4096 - MSGSIZE_HEADER)) == NULL)
+		goto fail;
 
 	/* withdrawn routes length field is 0 */
 	if (ibuf_add_zero(buf, sizeof(len)) == -1)
-		return -1;
+		goto fail;
 
 	/* reserve space for 2-byte path attribute length */
 	off = ibuf_size(buf);
 	if (ibuf_add_zero(buf, sizeof(len)) == -1)
-		return -1;
+		goto fail;
 
 	if (up_generate_attr(buf, peer, prefix_aspath(p),
 	    prefix_communities(p), prefix_nexthop(p), aid) == -1)
-		goto fail;
+		goto drop;
 
 	if (aid != AID_INET) {
 		/* write mp attribute including nlri */
@@ -1082,29 +1170,35 @@ up_dump_update(struct ibuf *buf, struct rde_peer *peer, uint8_t aid)
 		 */
 		if (up_generate_mp_reach(buf, peer, prefix_nexthop(p), aid) ==
 		    -1)
-			goto fail;
+			goto drop;
 	}
 
 	/* update attribute length field */
 	len = ibuf_size(buf) - off - sizeof(len);
 	if (ibuf_set_n16(buf, off, len) == -1)
-		return -1;
+		goto fail;
 
 	if (aid == AID_INET) {
 		/* last but not least dump the IPv4 nlri */
 		if (up_dump_prefix(buf, &peer->updates[aid], peer, 0) == -1)
-			goto fail;
+			goto drop;
 	}
 
-	return 0;
+	return buf;
 
-fail:
+ drop:
-	/* Not enough space. Drop prefix, it will never fit. */
+	/* Not enough space. Drop current prefix, it will never fit. */
+	p = RB_MIN(prefix_tree, &peer->updates[aid]);
 	pt_getaddr(p->pt, &addr);
-	log_peer_warnx(&peer->conf, "dump of path attributes failed, "
+	log_peer_warnx(&peer->conf, "generating update failed, "
 	    "prefix %s/%d dropped", log_addr(&addr), p->pt->prefixlen);
 
 	up_prefix_free(&peer->updates[aid], p, peer, 0);
-	/* XXX should probably send a withdraw for this prefix */
+	return up_dump_withdraw_one(peer, p, buf);
-	return -1;
+
+ fail:
+	/* something went horribly wrong */
+	log_peer_warn(&peer->conf, "generating update failed, peer desynced");
+	ibuf_free(buf);
+	return NULL;
 }

usr.sbin/sysupgrade/sysupgrade.8

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: sysupgrade.8,v 1.14 2024/09/05 06:39:54 jmc Exp $
+.\"	$OpenBSD: sysupgrade.8,v 1.18 2024/09/25 16:26:37 florian Exp $
 .\"
 .\" Copyright (c) 2019 Florian Obser <florian@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: September 5 2024 $
+.Dd $Mdocdate: September 25 2024 $
 .Dt SYSUPGRADE 8
 .Os
 .Sh NAME
@@ -22,15 +22,15 @@
 .Nd upgrade system to the next release or a new snapshot
 .Sh SYNOPSIS
 .Nm
-.Op Fl fkn
+.Op Fl fkns
-.Op Fl r | s
 .Op Fl b Ar base-directory
+.Op Fl R Ar version
 .Op Ar installurl
 .Sh DESCRIPTION
 .Nm
 is a utility to upgrade
 .Ox
-to the next release or a new snapshot if available.
+to a new release or snapshot if available.
 .Pp
 .Nm
 downloads the necessary files to
@@ -55,8 +55,7 @@ Download files to
 instead of
 .Pa /home/_sysupgrade .
 .It Fl f
-Force an already applied upgrade.
+For snapshots, force an already applied upgrade.
-The default is to upgrade to latest snapshot only if available.
 This option has no effect on releases.
 .It Fl k
 Keep the files in
@@ -66,12 +65,14 @@ By default they will be deleted after the upgrade.
 Fetch and verify the files and create
 .Pa /bsd.upgrade
 but do not reboot.
-.It Fl r
+.It Fl R Ar version
-Upgrade to the next release.
+Upgrade to a specific release version.
-This is the default if the system is currently running a release.
+Only upgrades from one version to the next are tested.
+Skipping versions may work.
+Downgrading is unlikely to work.
 .It Fl s
 Upgrade to a snapshot.
-This is the default if the system is currently running a snapshot.
+The default is to upgrade to the next release.
 .El
 .Pp
 See

usr.sbin/sysupgrade/sysupgrade.sh

@@ -1,6 +1,6 @@
 #!/bin/ksh
 #
-# $OpenBSD: sysupgrade.sh,v 1.52 2024/06/19 05:22:33 otto Exp $
+# $OpenBSD: sysupgrade.sh,v 1.54 2024/09/25 13:55:23 sthen Exp $
 #
 # Copyright (c) 1997-2015 Todd Miller, Theo de Raadt, Ken Westerback
 # Copyright (c) 2015 Robert Peichaer <rpe@openbsd.org>
@@ -35,7 +35,7 @@ err()
 
 usage()
 {
-	echo "usage: ${0##*/} [-fkn] [-r | -s] [-b base-directory] [installurl]" 1>&2
+	echo "usage: ${0##*/} [-fkns] [-b base-directory] [-R version] [installurl]" 1>&2
 	return 1
 }
 
@@ -72,19 +72,27 @@ rmel() {
 	echo -n "$_c"
 }
 
-RELEASE=false
 SNAP=false
 FORCE=false
+FORCE_VERSION=false
 KEEP=false
 REBOOT=true
+WHAT='release'
 
-while getopts b:fknrs arg; do
+VERSION=$(uname -r)
+NEXT_VERSION=$(echo ${VERSION} + 0.1 | bc)
+
+while getopts b:fknrR:s arg; do
 	case ${arg} in
 	b)	SETSDIR=${OPTARG}/_sysupgrade;;
 	f)	FORCE=true;;
 	k)	KEEP=true;;
 	n)	REBOOT=false;;
-	r)	RELEASE=true;;
+	r)	;;
+	R)	FORCE_VERSION=true
+		[[ ${OPTARG} == @([0-9]|[0-9][0-9]).[0-9] ]] ||
+		    err "invalid version: ${OPTARG}"
+		NEXT_VERSION=${OPTARG};;
 	s)	SNAP=true;;
 	*)	usage;;
 	esac
@@ -92,13 +100,6 @@ done
 
 (($(id -u) != 0)) && err "need root privileges"
 
-if $RELEASE && $SNAP; then
-	usage
-fi
-
-set -A _KERNV -- $(sysctl -n kern.version |
-	sed 's/^SecBSD \([1-9][0-9]*\.[0-9]\)\([^ ]*\).*/\1 \2/;q')
-
 shift $(( OPTIND -1 ))
 
 case $# in
@@ -111,59 +112,64 @@ case $# in
 esac
 [[ $MIRROR == @(file|ftp|http|https)://* ]] ||
 	err "invalid installurl: $MIRROR"
-
+$FORCE_VERSION && $SNAP &&
-if ! $RELEASE && [[ ${#_KERNV[*]} == 2 ]]; then
+	err "incompatible options: -s -R $NEXT_VERSION"
-	if [[ ${_KERNV[1]} != '-stable' ]]; then
+$FORCE && ! $SNAP &&
-		SNAP=true
+	err "incompatible options: -f without -s"
-	fi
-fi
-
-if $RELEASE && [[ ${_KERNV[1]} == '-beta' ]]; then
-	NEXT_VERSION=${_KERNV[0]}
-else
-	NEXT_VERSION=$(echo ${_KERNV[0]} + 0.1 | bc)
-fi
 
 if $SNAP; then
+	WHAT='snapshot'
 	URL=${MIRROR}/snapshots/${ARCH}/
 else
 	URL=${MIRROR}/${NEXT_VERSION}/${ARCH}/
+	$FORCE_VERSION || ALT_URL=${MIRROR}/${VERSION}/${ARCH}/
 fi
 
 install -d -o 0 -g 0 -m 0755 ${SETSDIR}
 cd ${SETSDIR}
 
 echo "Fetching from ${URL}"
-unpriv -f SHA256.sig ftp -N sysupgrade -Vmo SHA256.sig ${URL}SHA256.sig
+if ! unpriv -f SHA256.sig ftp -N sysupgrade -Vmo SHA256.sig ${URL}SHA256.sig; then
-
+	if [[ -n ${ALT_URL} ]]; then
-_KEY=secbsd-${_KERNV[0]%.*}${_KERNV[0]#*.}-base.pub
+		echo "Fetching from ${ALT_URL}"
-_NEXTKEY=secbsd-${NEXT_VERSION%.*}${NEXT_VERSION#*.}-base.pub
+		unpriv -f SHA256.sig ftp -N sysupgrade -Vmo SHA256.sig ${ALT_URL}SHA256.sig
-
+		URL=${ALT_URL}
-if $SNAP; then
+		NEXT_VERSION=${VERSION}
-	unpriv -f SHA256 signify -Ve -x SHA256.sig -m SHA256
+	else
-else
+		exit 1
-	read _LINE <SHA256.sig
+	fi
-	case ${_LINE} in
-	*\ ${_KEY})	SIGNIFY_KEY=/etc/signify/${_KEY} ;;
-	*\ ${_NEXTKEY})	SIGNIFY_KEY=/etc/signify/${_NEXTKEY} ;;
-	*)		err "invalid signing key" ;;
-	esac
-
-	[[ -f ${SIGNIFY_KEY} ]] || err "cannot find ${SIGNIFY_KEY}"
-
-	unpriv -f SHA256 signify -Ve -p "${SIGNIFY_KEY}" -x SHA256.sig -m SHA256
 fi
 
+SHORT_VERSION=${NEXT_VERSION%.*}${NEXT_VERSION#*.}
+if ! [[ -r /etc/signify/secbsd-${SHORT_VERSION}-base.pub ]]; then
+	echo "${0##*/}: signify key not found; download into /etc/signify from" 1>&2
+	echo "https://ftp.secbsd.org/pub/SecBSD/signify/secbsd-${SHORT_VERSION}-base.pub" 1>&2
+	exit 1
+fi
+
+unpriv -f SHA256 signify -Ve -x SHA256.sig -m SHA256
 rm SHA256.sig
 
 if cmp -s /var/db/installed.SHA256 SHA256 && ! $FORCE; then
-	echo "Already on latest snapshot."
+	echo "Already on latest ${WHAT}."
 	exit 0
 fi
 
-# BUILDINFO INSTALL.*, bsd*, *.tgz
+unpriv -f BUILDINFO ftp -N sysupgrade -Vmo BUILDINFO ${URL}BUILDINFO
+unpriv cksum -qC SHA256 BUILDINFO
+
+if [[ -e /var/db/installed.BUILDINFO ]]; then
+	installed_build_ts=$(cut -f3 -d' ' /var/db/installed.BUILDINFO)
+	build_ts=$(cut -f3 -d' ' BUILDINFO)
+	if (( $build_ts <= $installed_build_ts )) && ! $FORCE; then
+		echo "Downloaded ${WHAT} is older than installed system. Use -f to force downgrade."
+		exit 1
+	fi
+fi
+
+# INSTALL.*, bsd*, *.tgz
 SETS=$(sed -n -e 's/^SHA256 (\(.*\)) .*/\1/' \
-    -e '/^BUILDINFO$/p;/^INSTALL\./p;/^bsd/p;/\.tgz$/p' SHA256)
+    -e '/^INSTALL\./p;/^bsd/p;/\.tgz$/p' SHA256)
 
 OLD_FILES=$(ls)
 OLD_FILES=$(rmel SHA256 $OLD_FILES)
@@ -187,15 +193,6 @@ if [[ -n ${DL} ]]; then
 	unpriv cksum -qC SHA256 ${DL}
 fi
 
-if [[ -e /var/db/installed.BUILDINFO && -e BUILDINFO ]]; then
-	installed_build_ts=$(cut -f3 -d' ' /var/db/installed.BUILDINFO)
-	build_ts=$(cut -f3 -d' ' BUILDINFO)
-	if (( $build_ts < $installed_build_ts )) && ! $FORCE; then
-		echo "Downloaded snapshot is older than installed snapshot. Use -f to force downgrade."
-		exit 1
-	fi
-fi
-
 cat <<__EOT >/auto_upgrade.conf
 Location of sets = disk
 Pathname to the sets = ${SETSDIR}/

usr.sbin/vmd/sev.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: sev.c,v 1.2 2024/09/20 02:00:46 jsg Exp $	*/
+/*	$OpenBSD: sev.c,v 1.3 2024/09/25 04:19:36 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2023, 2024 Hans-Joerg Hoexer <hshoexer@genua.de>
@@ -17,8 +17,8 @@
  */
 
 #include <sys/types.h>
+#include <sys/param.h>	/* roundup */
 #include <sys/device.h>
-#include <sys/param.h>
 #include <sys/rwlock.h>
 
 #include <machine/bus.h>

usr.sbin/vmd/vmd.8

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: vmd.8,v 1.10 2022/01/05 17:39:25 jmc Exp $
+.\"	$OpenBSD: vmd.8,v 1.12 2024/09/24 20:02:39 jmc Exp $
 .\"
 .\" Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: January 5 2022 $
+.Dd $Mdocdate: September 24 2024 $
 .Dt VMD 8
 .Os
 .Sh NAME
@@ -63,8 +63,24 @@ such as stopping VMs, and retrieving information from
 .Xr vmm 4
 about running VMs.
 .Pp
+When the host machine is shut down,
+.Nm
+sends each running VM a shutdown request via the
+.Xr vmmci 4
+device.
+If the VMs are vmmci-aware,
+this provides each VM the chance to shut down cleanly in anticipation
+of host shutdown.
+During shutdown,
+.Nm
+waits 30 seconds for the VMs to terminate cleanly before forcibly
+stopping them.
+This 30 second default can be changed by
+.Dq rcctl set vmd timeout n ,
+where 'n' is the desired timeout in seconds.
+.Pp
 The options are as follows:
-.Bl -tag -width Dssmacro=value
+.Bl -tag -width Ds
 .It Fl D Ar macro Ns = Ns Ar value
 Define
 .Ar macro
@@ -108,6 +124,7 @@ socket used for communication with
 .El
 .Sh SEE ALSO
 .Xr vmm 4 ,
+.Xr vmmci 4 ,
 .Xr vm.conf 5 ,
 .Xr rc.conf 8 ,
 .Xr vmctl 8
@@ -117,6 +134,7 @@ The
 command first appeared in
 .Ox 5.9 .
 .Sh AUTHORS
+.An -nosplit
 .An Mike Larkin Aq Mt mlarkin@openbsd.org
 and
-.An Reyk Floeter Aq Mt reyk@openbsd.org
+.An Reyk Floeter Aq Mt reyk@openbsd.org .