SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync with OpenBSD -current

Browse source
This commit is contained in:
purplerain 2024-07-24 20:05:56 +00:00
parent e0e35f76e8
commit acf2ed1690
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
32 changed files with 354 additions and 212 deletions
Download patch file Download diff file Expand all files Collapse all files

7
lib/libcrypto/man/BUF_MEM_new.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: BUF_MEM_new.3,v 1.18 2023/07/27 06:20:45 tb Exp $
.\" $OpenBSD: BUF_MEM_new.3,v 1.19 2024/07/24 08:57:58 tb Exp $
.\" OpenSSL doc/crypto/buffer.pod 18edda0f Sep 20 03:28:54 2000 +0000
.\" not merged: 74924dcb, 58e3457a, 21b0fa91, 7644a9ae
.\" OpenSSL doc/crypto/BUF_MEM_new.pod 53934822 Jun 9 16:39:19 2016 -0400
@ -52,7 +52,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: July 27 2023 $
.Dd $Mdocdate: July 24 2024 $
.Dt BUF_MEM_NEW 3
.Os
.Sh NAME
@ -90,8 +90,7 @@ The library uses the
.Vt BUF_MEM
structure defined in buffer.h:
.Bd -literal
typedef struct buf_mem_st
{
typedef struct buf_mem_st {
size_t length; /* current number of bytes */
char *data;
size_t max; /* size of buffer */

12
lib/libradius/Makefile
View file

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.3 2016/03/30 06:38:43 jmc Exp $
# $OpenBSD: Makefile,v 1.4 2024/07/24 08:22:26 yasuoka Exp $
LIB= radius
SRCS= radius.c radius_attr.c radius_msgauth.c radius_userpass.c \
@ -9,7 +9,8 @@ CFLAGS+= -Wall
MAN= radius_new_request_packet.3
.include <bsd.lib.mk>
VERSION_SCRIPT= Symbols.map
SYMBOL_LIST= ${.CURDIR}/Symbols.list
includes:
@cd ${.CURDIR}; for i in $(INCS); do \
@ -19,3 +20,10 @@ includes:
echo $$j; \
eval "$$j"; \
done
${VERSION_SCRIPT}: ${SYMBOL_LIST}
{ printf '{\n\tglobal:\n'; \
sed '/^[._a-zA-Z]/s/$$/;/; s/^/ /' ${SYMBOL_LIST}; \
printf '\n\tlocal:\n\t\t*;\n};\n'; } >$@.tmp && mv $@.tmp $@
.include <bsd.lib.mk>

89
lib/libradius/Symbols.list Normal file
View file

@ -0,0 +1,89 @@
radius_check_accounting_request_authenticator
radius_check_message_authenticator
radius_check_response_authenticator
radius_convert_packet
radius_decrypt_mppe_key_attr
radius_decrypt_user_password_attr
radius_del_attr_all
radius_del_vs_attr_all
radius_delete_packet
radius_encrypt_mppe_key_attr
radius_encrypt_user_password_attr
radius_get_authenticator
radius_get_authenticator_retval
radius_get_code
radius_get_data
radius_get_eap_msk
radius_get_id
radius_get_ipv4_attr
radius_get_ipv6_attr
radius_get_length
radius_get_mppe_recv_key_attr
radius_get_mppe_send_key_attr
radius_get_raw_attr
radius_get_raw_attr_cat
radius_get_raw_attr_ptr
radius_get_request_authenticator_retval
radius_get_request_packet
radius_get_string_attr
radius_get_uint16_attr
radius_get_uint32_attr
radius_get_uint64_attr
radius_get_user_password_attr
radius_get_vs_ipv4_attr
radius_get_vs_ipv6_attr
radius_get_vs_raw_attr
radius_get_vs_raw_attr_cat
radius_get_vs_raw_attr_ptr
radius_get_vs_string_attr
radius_get_vs_uint16_attr
radius_get_vs_uint32_attr
radius_get_vs_uint64_attr
radius_has_attr
radius_has_vs_attr
radius_new_request_packet
radius_new_response_packet
radius_put_ipv4_attr
radius_put_ipv6_attr
radius_put_message_authenticator
radius_put_mppe_recv_key_attr
radius_put_mppe_send_key_attr
radius_put_raw_attr
radius_put_raw_attr_cat
radius_put_string_attr
radius_put_uint16_attr
radius_put_uint32_attr
radius_put_uint64_attr
radius_put_user_password_attr
radius_put_vs_ipv4_attr
radius_put_vs_ipv6_attr
radius_put_vs_raw_attr
radius_put_vs_raw_attr_cat
radius_put_vs_string_attr
radius_put_vs_uint16_attr
radius_put_vs_uint32_attr
radius_put_vs_uint64_attr
radius_recv
radius_recvfrom
radius_recvmsg
radius_send
radius_sendmsg
radius_sendto
radius_set_accounting_request_authenticator
radius_set_id
radius_set_ipv4_attr
radius_set_ipv6_attr
radius_set_message_authenticator
radius_set_raw_attr
radius_set_request_packet
radius_set_response_authenticator
radius_set_uint16_attr
radius_set_uint32_attr
radius_set_uint64_attr
radius_set_vs_ipv4_attr
radius_set_vs_ipv6_attr
radius_set_vs_raw_attr
radius_set_vs_uint16_attr
radius_set_vs_uint32_attr
radius_set_vs_uint64_attr
radius_update_id

27
lib/libradius/radius_attr.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: radius_attr.c,v 1.2 2023/07/08 08:53:26 yasuoka Exp $ */
/* $OpenBSD: radius_attr.c,v 1.3 2024/07/24 08:19:16 yasuoka Exp $ */
/*-
* Copyright (c) 2009 Internet Initiative Japan Inc.
@ -199,6 +199,31 @@ radius_put_raw_attr(RADIUS_PACKET * packet, uint8_t type, const void *buf,
return (0);
}
int
radius_unshift_raw_attr(RADIUS_PACKET * packet, uint8_t type, const void *buf,
size_t length)
{
RADIUS_ATTRIBUTE *newattr;
if (length > 255 - 2)
return (-1);
if (radius_ensure_add_capacity(packet, length + 2) != 0)
return (-1);
memmove(packet->pdata->attributes + length + 2,
packet->pdata->attributes,
radius_get_length(packet) - sizeof(RADIUS_PACKET_DATA));
newattr = ATTRS_BEGIN(packet->pdata);
newattr->type = type;
newattr->length = length + 2;
memcpy(newattr->data, buf, length);
packet->pdata->length = htons(radius_get_length(packet) + length + 2);
return (0);
}
int
radius_put_vs_raw_attr(RADIUS_PACKET * packet, uint32_t vendor, uint8_t vtype,
const void *buf, size_t length)

4
lib/libradius/radius_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: radius_local.h,v 1.1 2015/07/20 23:52:29 yasuoka Exp $ */
/* $OpenBSD: radius_local.h,v 1.2 2024/07/24 08:19:16 yasuoka Exp $ */
/*-
* Copyright (c) 2009 Internet Initiative Japan Inc.
@ -74,6 +74,8 @@ struct _RADIUS_PACKET {
#define ATTRS_ADVANCE(x) (x = ATTRS_NEXT(x))
int radius_ensure_add_capacity(RADIUS_PACKET * packet, size_t capacity);
int radius_unshift_raw_attr(RADIUS_PACKET * packet, uint8_t type,
const void *buf, size_t length);
#define ROUNDUP(a, b) ((((a) + (b) - 1) / (b)) * (b))
#define MINIMUM(a, b) (((a) < (b))? (a) : (b))

4
lib/libradius/radius_msgauth.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: radius_msgauth.c,v 1.2 2021/12/16 17:32:51 tb Exp $ */
/* $OpenBSD: radius_msgauth.c,v 1.3 2024/07/24 08:19:16 yasuoka Exp $ */
/*-
* Copyright (c) 2009 Internet Initiative Japan Inc.
@ -112,7 +112,7 @@ radius_put_message_authenticator(RADIUS_PACKET * packet, const char *secret)
* because content of Message-Authenticator attribute is assumed zero
* during calculation.
*/
if (radius_put_raw_attr(packet, RADIUS_TYPE_MESSAGE_AUTHENTICATOR,
if (radius_unshift_raw_attr(packet, RADIUS_TYPE_MESSAGE_AUTHENTICATOR,
ma, sizeof(ma)) != 0)
return (-1);

14
lib/libradius/radius_new_request_packet.3
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: radius_new_request_packet.3,v 1.6 2022/09/11 06:38:11 jmc Exp $
.\" $OpenBSD: radius_new_request_packet.3,v 1.7 2024/07/24 08:19:16 yasuoka Exp $
.\"
.\" Copyright (c) 2009 Internet Initiative Japan Inc.
.\" All rights reserved.
@ -24,7 +24,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd $Mdocdate: September 11 2022 $
.Dd $Mdocdate: July 24 2024 $
.Dt RADIUS_NEW_REQUEST_PACKET 3
.Os
.Sh NAME
@ -285,6 +285,10 @@ There are helper functions for Message-Authenticator attributes.
and
.Fn radius_set_message_authenticator
calculate a Message-Authenticator and put or set it to packet, respectively.
When
.Fn radius_put_message_authenticator
is used,
the Message-Authenticator attribute is placed at the first in the attributes.
.Pp
.Fn radius_check_message_authenticator
checks a Message-Authenticator.
@ -368,9 +372,9 @@ NULL on failure.
.Sh HISTORY
The
.Nm radius+
library was first written by UMEZAWA Takeshi in 2002 for the ID gateway service
of Internet Initiative Japan.
YASUOKA Masahiko added support for Message-Authentication attributes in 2008.
library was first written by UMEZAWA Takeshi in 2002 for the ID Gateway service
of Internet Initiative Japan Inc.
YASUOKA Masahiko added support for Message-Authenticator attributes in 2008.
.Ox
project rewrote C++ code to pure C code in 2010.
The

2
lib/libradius/shlib_version
View file

@ -1,2 +1,2 @@
major=1
major=2
minor=0

16
lib/libsndio/sioctl_sun.c
View file

@ -472,9 +472,18 @@ sioctl_sun_pollfd(struct sioctl_hdl *addr, struct pollfd *pfd, int events)
{
struct sioctl_sun_hdl *hdl = (struct sioctl_sun_hdl *)addr;
hdl->events = events;
/*
* The audio(4) driver doesn't support POLLOUT, so if it is
* requested, don't set the struct pollfd. The AUDIO_MIXER_WRITE
* ioctl never blocks, so just return POLLOUT in sioctl_sun_revents().
*/
if (events & POLLOUT)
return 0;
pfd->fd = hdl->fd;
pfd->events = POLLIN;
hdl->events = events;
return 1;
}
@ -485,6 +494,9 @@ sioctl_sun_revents(struct sioctl_hdl *arg, struct pollfd *pfd)
struct volume *vol;
int idx, n;
if (hdl->events & POLLOUT)
return POLLOUT;
if (pfd->revents & POLLIN) {
while (1) {
n = read(hdl->fd, &idx, sizeof(int));
@ -514,5 +526,5 @@ sioctl_sun_revents(struct sioctl_hdl *arg, struct pollfd *pfd)
return POLLHUP;
}
}
return hdl->events & POLLOUT;
return 0;
}

23
lib/libssl/d1_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: d1_lib.c,v 1.64 2022/11/26 16:08:55 tb Exp $ */
/* $OpenBSD: d1_lib.c,v 1.65 2024/07/23 14:40:53 jsing Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@ -250,27 +250,6 @@ dtls1_ctrl(SSL *s, int cmd, long larg, void *parg)
return (ret);
}
/*
* As it's impossible to use stream ciphers in "datagram" mode, this
* simple filter is designed to disengage them in DTLS. Unfortunately
* there is no universal way to identify stream SSL_CIPHER, so we have
* to explicitly list their SSL_* codes. Currently RC4 is the only one
* available, but if new ones emerge, they will have to be added...
*/
const SSL_CIPHER *
dtls1_get_cipher(unsigned int u)
{
const SSL_CIPHER *cipher;
if ((cipher = ssl3_get_cipher(u)) == NULL)
return NULL;
if (cipher->algorithm_enc == SSL_RC4)
return NULL;
return cipher;
}
void
dtls1_start_timer(SSL *s)
{

12
lib/libssl/s3_lib.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: s3_lib.c,v 1.256 2024/07/22 14:47:15 jsing Exp $ */
/* $OpenBSD: s3_lib.c,v 1.257 2024/07/23 14:40:53 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -1127,12 +1127,12 @@ ssl3_num_ciphers(void)
}
const SSL_CIPHER *
ssl3_get_cipher(unsigned int u)
ssl3_get_cipher_by_index(int idx)
{
if (u < SSL3_NUM_CIPHERS)
return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
else
return (NULL);
if (idx < 0 || idx >= SSL3_NUM_CIPHERS)
return NULL;
return &ssl3_ciphers[idx];
}
static int

47
lib/libssl/ssl_ciph.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ssl_ciph.c,v 1.146 2024/07/22 14:47:15 jsing Exp $ */
/* $OpenBSD: ssl_ciph.c,v 1.147 2024/07/23 14:40:53 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -576,22 +576,6 @@ ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
*head = curr;
}
/* XXX beck: remove this in a followon to removing GOST */
static void
ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth,
unsigned long *enc, unsigned long *mac, unsigned long *ssl)
{
*mkey = 0;
*auth = 0;
*enc = 0;
*mac = 0;
*ssl = 0;
#ifdef SSL_FORBID_ENULL
*enc |= SSL_eNULL;
#endif
}
static void
ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, int num_of_ciphers,
unsigned long disabled_mkey, unsigned long disabled_auth,
@ -608,10 +592,15 @@ ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, int num_of_ciphers,
* a linked list with at most num entries.
*/
/* Get the initial list of ciphers */
/*
* Get the initial list of ciphers, iterating backwards over the
* cipher list - the list is ordered by cipher value and we currently
* hope that ciphers with higher cipher values are preferable...
*/
co_list_num = 0; /* actual count of ciphers */
for (i = 0; i < num_of_ciphers; i++) {
c = ssl_method->get_cipher(i);
for (i = num_of_ciphers - 1; i >= 0; i--) {
c = ssl3_get_cipher_by_index(i);
/*
* Drop any invalid ciphers and any which use unavailable
* algorithms.
@ -1153,11 +1142,19 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
if (rule_str == NULL || cipher_list == NULL)
goto err;
/*
* To reduce the work to do we only want to process the compiled
* in algorithms, so we first get the mask of disabled ciphers.
*/
ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc, &disabled_mac, &disabled_ssl);
disabled_mkey = 0;
disabled_auth = 0;
disabled_enc = 0;
disabled_mac = 0;
disabled_ssl = 0;
#ifdef SSL_FORBID_ENULL
disabled_enc |= SSL_eNULL;
#endif
/* DTLS cannot be used with stream ciphers. */
if (ssl_method->dtls)
disabled_enc |= SSL_RC4;
/*
* Now we have to collect the available ciphers from the compiled

6
lib/libssl/ssl_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ssl_local.h,v 1.22 2024/07/22 14:47:15 jsing Exp $ */
/* $OpenBSD: ssl_local.h,v 1.23 2024/07/23 14:40:54 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -379,8 +379,6 @@ struct ssl_method_st {
int peek);
int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len);
const SSL_CIPHER *(*get_cipher)(unsigned int ncipher);
unsigned int enc_flags; /* SSL_ENC_FLAG_* */
};
@ -1290,7 +1288,7 @@ int ssl3_send_alert(SSL *s, int level, int desc);
int ssl3_get_req_cert_types(SSL *s, CBB *cbb);
int ssl3_get_message(SSL *s, int st1, int stn, int mt, long max);
int ssl3_num_ciphers(void);
const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
const SSL_CIPHER *ssl3_get_cipher_by_index(int idx);
const SSL_CIPHER *ssl3_get_cipher_by_value(uint16_t value);
int ssl3_renegotiate(SSL *ssl);

17
lib/libssl/ssl_methods.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: ssl_methods.c,v 1.31 2023/07/08 16:40:13 beck Exp $ */
/* $OpenBSD: ssl_methods.c,v 1.32 2024/07/23 14:40:54 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -77,7 +77,6 @@ static const SSL_METHOD DTLS_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = dtls1_read_bytes,
.ssl_write_bytes = dtls1_write_app_data_bytes,
.get_cipher = dtls1_get_cipher,
.enc_flags = TLSV1_2_ENC_FLAGS,
};
@ -98,7 +97,6 @@ static const SSL_METHOD DTLS_client_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = dtls1_read_bytes,
.ssl_write_bytes = dtls1_write_app_data_bytes,
.get_cipher = dtls1_get_cipher,
.enc_flags = TLSV1_2_ENC_FLAGS,
};
@ -119,7 +117,6 @@ static const SSL_METHOD DTLSv1_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = dtls1_read_bytes,
.ssl_write_bytes = dtls1_write_app_data_bytes,
.get_cipher = dtls1_get_cipher,
.enc_flags = TLSV1_1_ENC_FLAGS,
};
@ -140,7 +137,6 @@ static const SSL_METHOD DTLSv1_client_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = dtls1_read_bytes,
.ssl_write_bytes = dtls1_write_app_data_bytes,
.get_cipher = dtls1_get_cipher,
.enc_flags = TLSV1_1_ENC_FLAGS,
};
@ -161,7 +157,6 @@ static const SSL_METHOD DTLSv1_2_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = dtls1_read_bytes,
.ssl_write_bytes = dtls1_write_app_data_bytes,
.get_cipher = dtls1_get_cipher,
.enc_flags = TLSV1_2_ENC_FLAGS,
};
@ -182,7 +177,6 @@ static const SSL_METHOD DTLSv1_2_client_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = dtls1_read_bytes,
.ssl_write_bytes = dtls1_write_app_data_bytes,
.get_cipher = dtls1_get_cipher,
.enc_flags = TLSV1_2_ENC_FLAGS,
};
@ -266,7 +260,6 @@ static const SSL_METHOD TLS_method_data = {
.ssl_pending = tls13_legacy_pending,
.ssl_read_bytes = tls13_legacy_read_bytes,
.ssl_write_bytes = tls13_legacy_write_bytes,
.get_cipher = ssl3_get_cipher,
.enc_flags = TLSV1_3_ENC_FLAGS,
};
@ -287,7 +280,6 @@ static const SSL_METHOD TLS_legacy_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
.get_cipher = ssl3_get_cipher,
.enc_flags = TLSV1_2_ENC_FLAGS,
};
@ -308,7 +300,6 @@ static const SSL_METHOD TLS_client_method_data = {
.ssl_pending = tls13_legacy_pending,
.ssl_read_bytes = tls13_legacy_read_bytes,
.ssl_write_bytes = tls13_legacy_write_bytes,
.get_cipher = ssl3_get_cipher,
.enc_flags = TLSV1_3_ENC_FLAGS,
};
@ -329,7 +320,6 @@ static const SSL_METHOD TLSv1_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
.get_cipher = ssl3_get_cipher,
.enc_flags = TLSV1_ENC_FLAGS,
};
@ -350,7 +340,6 @@ static const SSL_METHOD TLSv1_client_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
.get_cipher = ssl3_get_cipher,
.enc_flags = TLSV1_ENC_FLAGS,
};
@ -371,7 +360,6 @@ static const SSL_METHOD TLSv1_1_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
.get_cipher = ssl3_get_cipher,
.enc_flags = TLSV1_1_ENC_FLAGS,
};
@ -392,7 +380,6 @@ static const SSL_METHOD TLSv1_1_client_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
.get_cipher = ssl3_get_cipher,
.enc_flags = TLSV1_1_ENC_FLAGS,
};
@ -413,7 +400,6 @@ static const SSL_METHOD TLSv1_2_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
.get_cipher = ssl3_get_cipher,
.enc_flags = TLSV1_2_ENC_FLAGS,
};
@ -434,7 +420,6 @@ static const SSL_METHOD TLSv1_2_client_method_data = {
.ssl_pending = ssl3_pending,
.ssl_read_bytes = ssl3_read_bytes,
.ssl_write_bytes = ssl3_write_bytes,
.get_cipher = ssl3_get_cipher,
.enc_flags = TLSV1_2_ENC_FLAGS,
};

11
regress/lib/libssl/ciphers/cipherstest.c
View file

@ -1,4 +1,3 @@
/* $OpenBSD: cipherstest.c,v 1.15 2024/07/17 15:22:56 tb Exp $ */
/*
* Copyright (c) 2015, 2020 Joel Sing <jsing@openbsd.org>
*
@ -24,7 +23,7 @@
#include <string.h>
int ssl3_num_ciphers(void);
const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
const SSL_CIPHER *ssl3_get_cipher_by_index(int idx);
int ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str);
@ -48,12 +47,8 @@ check_cipher_order(void)
num_ciphers = ssl3_num_ciphers();
for (i = 1; i <= num_ciphers; i++) {
/*
* For some reason, ssl3_get_cipher() returns ciphers in
* reverse order.
*/
if ((cipher = ssl3_get_cipher(num_ciphers - i)) == NULL) {
for (i = 0; i < num_ciphers; i++) {
if ((cipher = ssl3_get_cipher_by_index(i)) == NULL) {
fprintf(stderr, "FAIL: ssl3_get_cipher(%d) returned "
"NULL\n", i);
return 1;

4
sys/dev/pv/virtio.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: virtio.c,v 1.25 2024/05/24 10:05:55 jsg Exp $ */
/* $OpenBSD: virtio.c,v 1.26 2024/07/23 19:14:05 sf Exp $ */
/* $NetBSD: virtio.c,v 1.3 2011/11/02 23:05:52 njoly Exp $ */
/*
@ -807,7 +807,7 @@ virtio_dequeue(struct virtio_softc *sc, struct virtqueue *vq,
* if you forget to call this the slot will be leaked.
*
* Don't call this if you use statically allocated slots
* and virtio_dequeue_trim().
* and virtio_enqueue_trim().
*/
int
virtio_dequeue_commit(struct virtqueue *vq, int slot)

40
sys/dev/usb/uaudio.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: uaudio.c,v 1.174 2023/12/10 06:32:14 ratchov Exp $ */
/* $OpenBSD: uaudio.c,v 1.175 2024/07/23 08:59:21 ratchov Exp $ */
/*
* Copyright (c) 2018 Alexandre Ratchov <alex@caoua.org>
*
@ -2702,6 +2702,22 @@ uaudio_fixup_params(struct uaudio_softc *sc)
}
}
int
uaudio_iface_index(struct uaudio_softc *sc, int ifnum)
{
int i, nifaces;
nifaces = sc->udev->cdesc->bNumInterfaces;
for (i = 0; i < nifaces; i++) {
if (sc->udev->ifaces[i].idesc->bInterfaceNumber == ifnum)
return i;
}
printf("%s: %d: invalid interface number\n", __func__, ifnum);
return -1;
}
/*
* Parse all descriptors and build configuration of the device.
*/
@ -2711,6 +2727,7 @@ uaudio_process_conf(struct uaudio_softc *sc, struct uaudio_blob *p)
struct uaudio_blob dp;
struct uaudio_alt *a;
unsigned int type, ifnum, altnum, nep, class, subclass;
int i;
while (p->rptr != p->wptr) {
if (!uaudio_getdesc(p, &dp))
@ -2736,7 +2753,8 @@ uaudio_process_conf(struct uaudio_softc *sc, struct uaudio_blob *p)
switch (subclass) {
case UISUBCLASS_AUDIOCONTROL:
if (usbd_iface_claimed(sc->udev, ifnum)) {
i = uaudio_iface_index(sc, ifnum);
if (i != -1 && usbd_iface_claimed(sc->udev, i)) {
DPRINTF("%s: %d: AC already claimed\n", __func__, ifnum);
break;
}
@ -2748,7 +2766,8 @@ uaudio_process_conf(struct uaudio_softc *sc, struct uaudio_blob *p)
return 0;
break;
case UISUBCLASS_AUDIOSTREAM:
if (usbd_iface_claimed(sc->udev, ifnum)) {
i = uaudio_iface_index(sc, ifnum);
if (i != -1 && usbd_iface_claimed(sc->udev, i)) {
DPRINTF("%s: %d: AS already claimed\n", __func__, ifnum);
break;
}
@ -2768,10 +2787,19 @@ done:
* Claim all interfaces we use. This prevents other uaudio(4)
* devices from trying to use them.
*/
for (a = sc->alts; a != NULL; a = a->next)
usbd_claim_iface(sc->udev, a->ifnum);
for (a = sc->alts; a != NULL; a = a->next) {
i = uaudio_iface_index(sc, a->ifnum);
if (i != -1) {
DPRINTF("%s: claim: %d at %d\n", __func__, a->ifnum, i);
usbd_claim_iface(sc->udev, i);
}
}
usbd_claim_iface(sc->udev, sc->ctl_ifnum);
i = uaudio_iface_index(sc, sc->ctl_ifnum);
if (i != -1) {
DPRINTF("%s: claim: ac %d at %d\n", __func__, sc->ctl_ifnum, i);
usbd_claim_iface(sc->udev, i);
}
return 1;
}

19
sys/kern/kern_exit.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: kern_exit.c,v 1.225 2024/07/22 08:18:53 claudio Exp $ */
/* $OpenBSD: kern_exit.c,v 1.227 2024/07/24 15:30:17 claudio Exp $ */
/* $NetBSD: kern_exit.c,v 1.39 1996/04/22 01:38:25 christos Exp $ */
/*
@ -458,8 +458,6 @@ reaper(void *arg)
WITNESS_THREAD_EXIT(p);
KERNEL_LOCK();
/*
* Free the VM resources we're still holding on to.
* We must do this from a valid thread because doing
@ -470,13 +468,16 @@ reaper(void *arg)
if (p->p_flag & P_THREAD) {
/* Just a thread */
KERNEL_LOCK();
proc_free(p);
KERNEL_UNLOCK();
} else {
struct process *pr = p->p_p;
/* Release the rest of the process's vmspace */
uvm_exit(pr);
KERNEL_LOCK();
if ((pr->ps_flags & PS_NOZOMBIE) == 0) {
/* Process is now a true zombie. */
atomic_setbits_int(&pr->ps_flags, PS_ZOMBIE);
@ -493,11 +494,10 @@ reaper(void *arg)
/* No one will wait for us, just zap it. */
process_zap(pr);
}
}
KERNEL_UNLOCK();
}
}
}
int
dowait6(struct proc *q, idtype_t idtype, id_t id, int *statusp, int options,
@ -550,10 +550,9 @@ loop:
return (0);
}
if ((options & WTRAPPED) &&
pr->ps_flags & PS_TRACED &&
(pr->ps_flags & PS_TRACED) &&
(pr->ps_flags & PS_WAITED) == 0 && pr->ps_single &&
pr->ps_single->p_stat == SSTOP &&
(pr->ps_single->p_flag & P_SUSPSINGLE) == 0) {
pr->ps_single->p_stat == SSTOP) {
if (single_thread_wait(pr, 0))
goto loop;
@ -578,8 +577,8 @@ loop:
if (p->p_stat == SSTOP &&
(pr->ps_flags & PS_WAITED) == 0 &&
(p->p_flag & P_SUSPSINGLE) == 0 &&
(pr->ps_flags & PS_TRACED ||
options & WUNTRACED)) {
((pr->ps_flags & PS_TRACED) ||
(options & WUNTRACED))) {
if ((options & WNOWAIT) == 0)
atomic_setbits_int(&pr->ps_flags, PS_WAITED);

4
sys/kern/kern_sig.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: kern_sig.c,v 1.333 2024/07/22 09:43:47 claudio Exp $ */
/* $OpenBSD: kern_sig.c,v 1.334 2024/07/24 15:31:08 claudio Exp $ */
/* $NetBSD: kern_sig.c,v 1.54 1996/04/22 01:38:32 christos Exp $ */
/*
@ -2164,6 +2164,7 @@ single_thread_set(struct proc *p, int flags)
panic("single_thread_mode = %d", mode);
#endif
}
KASSERT((p->p_flag & P_SUSPSINGLE) == 0);
pr->ps_single = p;
pr->ps_singlecnt = pr->ps_threadcnt;
@ -2233,6 +2234,7 @@ single_thread_wait(struct process *pr, int recheck)
if (!recheck)
break;
}
KASSERT((pr->ps_single->p_flag & P_SUSPSINGLE) == 0);
mtx_leave(&pr->ps_mtx);
return wait;

11
sys/kern/kern_synch.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: kern_synch.c,v 1.205 2024/06/03 12:48:25 claudio Exp $ */
/* $OpenBSD: kern_synch.c,v 1.206 2024/07/23 08:38:02 claudio Exp $ */
/* $NetBSD: kern_synch.c,v 1.37 1996/04/22 01:38:37 christos Exp $ */
/*
@ -62,7 +62,7 @@
#include <sys/ktrace.h>
#endif
int sleep_signal_check(void);
int sleep_signal_check(struct proc *);
int thrsleep(struct proc *, struct sys___thrsleep_args *);
int thrsleep_unlock(void *);
@ -385,7 +385,7 @@ sleep_finish(int timo, int do_sleep)
* we must be ready for sleep when sleep_signal_check() is
* called.
*/
if ((error = sleep_signal_check()) != 0) {
if ((error = sleep_signal_check(p)) != 0) {
catch = 0;
do_sleep = 0;
}
@ -438,7 +438,7 @@ sleep_finish(int timo, int do_sleep)
/* Check if thread was woken up because of a unwind or signal */
if (catch != 0)
error = sleep_signal_check();
error = sleep_signal_check(p);
/* Signal errors are higher priority than timeouts. */
if (error == 0 && error1 != 0)
@ -451,9 +451,8 @@ sleep_finish(int timo, int do_sleep)
* Check and handle signals and suspensions around a sleep cycle.
*/
int
sleep_signal_check(void)
sleep_signal_check(struct proc *p)
{
struct proc *p = curproc;
struct sigctx ctx;
int err, sig;

22
sys/kern/subr_log.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: subr_log.c,v 1.78 2023/09/22 20:03:05 mvs Exp $ */
/* $OpenBSD: subr_log.c,v 1.79 2024/07/24 13:37:05 claudio Exp $ */
/* $NetBSD: subr_log.c,v 1.11 1996/03/30 22:24:44 christos Exp $ */
/*
@ -73,10 +73,11 @@
/*
* Locking:
* L log_mtx
* Q log_kq_mtx
*/
struct logsoftc {
int sc_state; /* [L] see above for possibilities */
struct klist sc_klist; /* process waiting on kevent call */
struct klist sc_klist; /* [Q] process waiting on kevent call */
struct sigio_ref sc_sigio; /* async I/O registration */
int sc_need_wakeup; /* if set, wake up waiters */
struct timeout sc_tick; /* wakeup poll timeout */
@ -97,6 +98,8 @@ struct rwlock syslogf_rwlock = RWLOCK_INITIALIZER("syslogf");
*/
struct mutex log_mtx =
MUTEX_INITIALIZER_FLAGS(IPL_HIGH, "logmtx", MTX_NOWITNESS);
struct mutex log_kq_mtx =
MUTEX_INITIALIZER_FLAGS(IPL_HIGH, "logkqmtx", MTX_NOWITNESS);
void filt_logrdetach(struct knote *kn);
int filt_logread(struct knote *kn, long hint);
@ -208,7 +211,7 @@ logopen(dev_t dev, int flags, int mode, struct proc *p)
if (log_open)
return (EBUSY);
log_open = 1;
klist_init_mutex(&logsoftc.sc_klist, &log_mtx);
klist_init_mutex(&logsoftc.sc_klist, &log_kq_mtx);
sigio_init(&logsoftc.sc_sigio);
timeout_set(&logsoftc.sc_tick, logtick, NULL);
timeout_add_msec(&logsoftc.sc_tick, LOG_TICK);
@ -336,7 +339,9 @@ filt_logread(struct knote *kn, long hint)
{
struct msgbuf *mbp = kn->kn_hook;
mtx_enter(&log_mtx);
kn->kn_data = msgbuf_getlen(mbp);
mtx_leave(&log_mtx);
return (kn->kn_data != 0);
}
@ -345,9 +350,9 @@ filt_logmodify(struct kevent *kev, struct knote *kn)
{
int active;
mtx_enter(&log_mtx);
mtx_enter(&log_kq_mtx);
active = knote_modify(kev, kn);
mtx_leave(&log_mtx);
mtx_leave(&log_kq_mtx);
return (active);
}
@ -357,9 +362,9 @@ filt_logprocess(struct knote *kn, struct kevent *kev)
{
int active;
mtx_enter(&log_mtx);
mtx_enter(&log_kq_mtx);
active = knote_process(kn, kev);
mtx_leave(&log_mtx);
mtx_leave(&log_kq_mtx);
return (active);
}
@ -404,9 +409,10 @@ logtick(void *arg)
state = logsoftc.sc_state;
if (logsoftc.sc_state & LOG_RDWAIT)
logsoftc.sc_state &= ~LOG_RDWAIT;
knote_locked(&logsoftc.sc_klist, 0);
mtx_leave(&log_mtx);
knote(&logsoftc.sc_klist, 0);
if (state & LOG_ASYNC)
pgsigio(&logsoftc.sc_sigio, SIGIO, 0);
if (state & LOG_RDWAIT)

19
sys/net/pfkeyv2_parsemessage.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: pfkeyv2_parsemessage.c,v 1.62 2023/09/29 18:45:42 tobhe Exp $ */
/* $OpenBSD: pfkeyv2_parsemessage.c,v 1.63 2024/07/23 20:04:51 tobhe Exp $ */
/*
* @(#)COPYRIGHT 1.1 (NRL) 17 January 1995
@ -144,9 +144,9 @@ uint64_t sadb_exts_allowed_in[SADB_MAX+1] =
/* GETSPI */
BITMAP_ADDRESS_SRC | BITMAP_ADDRESS_DST | BITMAP_SPIRANGE,
/* UPDATE */
BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_ADDRESS_PROXY | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_FLOW | BITMAP_X_UDPENCAP | BITMAP_X_TAG | BITMAP_X_TAP | BITMAP_X_RDOMAIN | BITMAP_X_IFACE,
BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_ADDRESS_PROXY | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_FLOW | BITMAP_X_UDPENCAP | BITMAP_X_TAG | BITMAP_X_TAP | BITMAP_X_RDOMAIN | BITMAP_X_COUNTER | BITMAP_X_REPLAY | BITMAP_X_IFACE,
/* ADD */
BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_FLOW | BITMAP_X_UDPENCAP | BITMAP_X_LIFETIME_LASTUSE | BITMAP_X_TAG | BITMAP_X_TAP | BITMAP_X_RDOMAIN | BITMAP_X_IFACE,
BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_FLOW | BITMAP_X_UDPENCAP | BITMAP_X_LIFETIME_LASTUSE | BITMAP_X_TAG | BITMAP_X_TAP | BITMAP_X_RDOMAIN | BITMAP_X_COUNTER | BITMAP_X_REPLAY | BITMAP_X_IFACE,
/* DELETE */
BITMAP_SA | BITMAP_ADDRESS_SRC | BITMAP_ADDRESS_DST | BITMAP_X_RDOMAIN,
/* GET */
@ -851,6 +851,19 @@ pfkeyv2_parsemessage(void *p, int len, void **headers)
return (EINVAL);
}
break;
case SADB_X_EXT_REPLAY:
if (i != sizeof(struct sadb_x_replay)) {
DPRINTF("bad REPLAY header length");
return (EINVAL);
}
break;
case SADB_X_EXT_COUNTER:
if (i != sizeof(struct sadb_x_counter)) {
DPRINTF("bad COUNTER header length");
return (EINVAL);
}
break;
#if NPF > 0
case SADB_X_EXT_TAG:
if (i < sizeof(struct sadb_x_tag)) {

4
sys/uvm/uvm_device.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: uvm_device.c,v 1.66 2021/12/15 12:53:53 mpi Exp $ */
/* $OpenBSD: uvm_device.c,v 1.67 2024/07/24 12:15:55 mpi Exp $ */
/* $NetBSD: uvm_device.c,v 1.30 2000/11/25 06:27:59 chs Exp $ */
/*
@ -245,8 +245,6 @@ udv_detach(struct uvm_object *uobj)
{
struct uvm_device *udv = (struct uvm_device *)uobj;
KERNEL_ASSERT_LOCKED();
/*
* loop until done
*/

5
sys/uvm/uvm_extern.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: uvm_extern.h,v 1.174 2024/04/02 08:39:17 deraadt Exp $ */
/* $OpenBSD: uvm_extern.h,v 1.175 2024/07/24 12:17:31 mpi Exp $ */
/* $NetBSD: uvm_extern.h,v 1.57 2001/03/09 01:02:12 chs Exp $ */
/*
@ -195,11 +195,12 @@ struct pmap;
* Locks used to protect struct members in this file:
* K kernel lock
* I immutable after creation
* a atomic operations
* v vm_map's lock
*/
struct vmspace {
struct vm_map vm_map; /* VM address map */
int vm_refcnt; /* [K] number of references */
int vm_refcnt; /* [a] number of references */
caddr_t vm_shm; /* SYS5 shared memory private data XXX */
/* we copy from vm_startcopy to the end of the structure on fork */
#define vm_startcopy vm_rssize

41
sys/uvm/uvm_map.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: uvm_map.c,v 1.329 2024/06/02 15:31:57 deraadt Exp $ */
/* $OpenBSD: uvm_map.c,v 1.330 2024/07/24 12:17:31 mpi Exp $ */
/* $NetBSD: uvm_map.c,v 1.86 2000/11/27 08:40:03 chs Exp $ */
/*
@ -1346,7 +1346,6 @@ void
uvm_unmap_detach(struct uvm_map_deadq *deadq, int flags)
{
struct vm_map_entry *entry, *tmp;
int waitok = flags & UVM_PLA_WAITOK;
TAILQ_FOREACH_SAFE(entry, deadq, dfree.deadq, tmp) {
/* Drop reference to amap, if we've got one. */
@ -1356,21 +1355,6 @@ uvm_unmap_detach(struct uvm_map_deadq *deadq, int flags)
atop(entry->end - entry->start),
flags & AMAP_REFALL);
/* Skip entries for which we have to grab the kernel lock. */
if (UVM_ET_ISSUBMAP(entry) || UVM_ET_ISOBJ(entry))
continue;
TAILQ_REMOVE(deadq, entry, dfree.deadq);
uvm_mapent_free(entry);
}
if (TAILQ_EMPTY(deadq))
return;
KERNEL_LOCK();
while ((entry = TAILQ_FIRST(deadq)) != NULL) {
if (waitok)
uvm_pause();
/* Drop reference to our backing object, if we've got one. */
if (UVM_ET_ISSUBMAP(entry)) {
/* ... unlikely to happen, but play it safe */
@ -1381,11 +1365,9 @@ uvm_unmap_detach(struct uvm_map_deadq *deadq, int flags)
entry->object.uvm_obj);
}
/* Step to next. */
TAILQ_REMOVE(deadq, entry, dfree.deadq);
uvm_mapent_free(entry);
}
KERNEL_UNLOCK();
}
void
@ -2476,10 +2458,6 @@ uvm_map_teardown(struct vm_map *map)
#endif
int i;
KERNEL_ASSERT_LOCKED();
KERNEL_UNLOCK();
KERNEL_ASSERT_UNLOCKED();
KASSERT((map->flags & VM_MAP_INTRSAFE) == 0);
vm_map_lock(map);
@ -2535,9 +2513,7 @@ uvm_map_teardown(struct vm_map *map)
numq++;
KASSERT(numt == numq);
#endif
uvm_unmap_detach(&dead_entries, UVM_PLA_WAITOK);
KERNEL_LOCK();
uvm_unmap_detach(&dead_entries, 0);
pmap_destroy(map->pmap);
map->pmap = NULL;
@ -3417,10 +3393,8 @@ uvmspace_exec(struct proc *p, vaddr_t start, vaddr_t end)
void
uvmspace_addref(struct vmspace *vm)
{
KERNEL_ASSERT_LOCKED();
KASSERT(vm->vm_refcnt > 0);
vm->vm_refcnt++;
atomic_inc_int(&vm->vm_refcnt);
}
/*
@ -3429,9 +3403,7 @@ uvmspace_addref(struct vmspace *vm)
void
uvmspace_free(struct vmspace *vm)
{
KERNEL_ASSERT_LOCKED();
if (--vm->vm_refcnt == 0) {
if (atomic_dec_int_nv(&vm->vm_refcnt) == 0) {
/*
* lock the map, to wait out all other references to it. delete
* all of the mappings and pages they hold, then call the pmap
@ -3439,8 +3411,11 @@ uvmspace_free(struct vmspace *vm)
*/
#ifdef SYSVSHM
/* Get rid of any SYSV shared memory segments. */
if (vm->vm_shm != NULL)
if (vm->vm_shm != NULL) {
KERNEL_LOCK();
shmexit(vm);
KERNEL_UNLOCK();
}
#endif
uvm_map_teardown(&vm->vm_map);

22
sys/uvm/uvm_pager.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: uvm_pager.c,v 1.91 2023/08/11 17:53:22 mpi Exp $ */
/* $OpenBSD: uvm_pager.c,v 1.92 2024/07/24 12:18:10 mpi Exp $ */
/* $NetBSD: uvm_pager.c,v 1.36 2000/11/27 18:26:41 chs Exp $ */
/*
@ -134,24 +134,6 @@ uvm_pseg_get(int flags)
int i;
struct uvm_pseg *pseg;
/*
* XXX Prevent lock ordering issue in uvm_unmap_detach(). A real
* fix would be to move the KERNEL_LOCK() out of uvm_unmap_detach().
*
* witness_checkorder() at witness_checkorder+0xba0
* __mp_lock() at __mp_lock+0x5f
* uvm_unmap_detach() at uvm_unmap_detach+0xc5
* uvm_map() at uvm_map+0x857
* uvm_km_valloc_try() at uvm_km_valloc_try+0x65
* uvm_pseg_get() at uvm_pseg_get+0x6f
* uvm_pagermapin() at uvm_pagermapin+0x45
* uvn_io() at uvn_io+0xcf
* uvn_get() at uvn_get+0x156
* uvm_fault_lower() at uvm_fault_lower+0x28a
* uvm_fault() at uvm_fault+0x1b3
* upageflttrap() at upageflttrap+0x62
*/
KERNEL_LOCK();
mtx_enter(&uvm_pseg_lck);
pager_seg_restart:
@ -178,7 +160,6 @@ pager_seg_restart:
if (!UVM_PSEG_INUSE(pseg, i)) {
pseg->use |= 1 << i;
mtx_leave(&uvm_pseg_lck);
KERNEL_UNLOCK();
return pseg->start + i * MAXBSIZE;
}
}
@ -191,7 +172,6 @@ pager_seg_fail:
}
mtx_leave(&uvm_pseg_lck);
KERNEL_UNLOCK();
return 0;
}

8
sys/uvm/uvm_vnode.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: uvm_vnode.c,v 1.132 2023/04/10 04:21:20 jsg Exp $ */
/* $OpenBSD: uvm_vnode.c,v 1.133 2024/07/24 12:16:21 mpi Exp $ */
/* $NetBSD: uvm_vnode.c,v 1.36 2000/11/24 20:34:01 chs Exp $ */
/*
@ -306,10 +306,12 @@ uvn_detach(struct uvm_object *uobj)
struct vnode *vp;
int oldflags;
KERNEL_LOCK();
rw_enter(uobj->vmobjlock, RW_WRITE);
uobj->uo_refs--; /* drop ref! */
if (uobj->uo_refs) { /* still more refs */
rw_exit(uobj->vmobjlock);
KERNEL_UNLOCK();
return;
}
@ -365,6 +367,7 @@ uvn_detach(struct uvm_object *uobj)
if ((uvn->u_flags & UVM_VNODE_RELKILL) == 0) {
rw_exit(uobj->vmobjlock);
KERNEL_UNLOCK();
return;
}
@ -387,8 +390,7 @@ out:
/* drop our reference to the vnode. */
vrele(vp);
return;
KERNEL_UNLOCK();
}
/*

32
usr.bin/sndiod/file.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: file.c,v 1.26 2022/12/26 19:16:03 jmc Exp $ */
/* $OpenBSD: file.c,v 1.27 2024/07/23 06:34:03 ratchov Exp $ */
/*
* Copyright (c) 2008-2012 Alexandre Ratchov <alex@caoua.org>
*
@ -63,7 +63,7 @@
void timo_update(unsigned int);
void timo_init(void);
void timo_done(void);
void file_process(struct file *, struct pollfd *);
int file_process(struct file *, struct pollfd *);
struct timespec file_ts;
struct file *file_list;
@ -270,10 +270,10 @@ file_del(struct file *f)
#endif
}
void
int
file_process(struct file *f, struct pollfd *pfd)
{
int revents;
int rc, revents;
#ifdef DEBUG
struct timespec ts0, ts1;
long us;
@ -283,14 +283,21 @@ file_process(struct file *f, struct pollfd *pfd)
if (log_level >= 3)
clock_gettime(CLOCK_UPTIME, &ts0);
#endif
rc = 0;
revents = (f->state != FILE_ZOMB) ?
f->ops->revents(f->arg, pfd) : 0;
if ((revents & POLLHUP) && (f->state != FILE_ZOMB))
if ((revents & POLLHUP) && (f->state != FILE_ZOMB)) {
f->ops->hup(f->arg);
if ((revents & POLLIN) && (f->state != FILE_ZOMB))
rc = 1;
}
if ((revents & POLLIN) && (f->state != FILE_ZOMB)) {
f->ops->in(f->arg);
if ((revents & POLLOUT) && (f->state != FILE_ZOMB))
rc = 1;
}
if ((revents & POLLOUT) && (f->state != FILE_ZOMB)) {
f->ops->out(f->arg);
rc = 1;
}
#ifdef DEBUG
if (log_level >= 3) {
clock_gettime(CLOCK_UPTIME, &ts1);
@ -304,6 +311,7 @@ file_process(struct file *f, struct pollfd *pfd)
}
}
#endif
return rc;
}
int
@ -370,11 +378,19 @@ file_poll(void)
/*
* process files that do not rely on poll
*/
res = 0;
for (f = file_list; f != NULL; f = f->next) {
if (f->nfds > 0)
continue;
file_process(f, NULL);
res |= file_process(f, NULL);
}
/*
* The processing may have changed the poll(2) conditions of
* other files, so restart the loop to force their poll(2) event
* masks to be reevaluated.
*/
if (res)
return 1;
/*
* Sleep. Calculate the number of milliseconds poll(2) must

23
usr.sbin/radiusctl/parser.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: parser.c,v 1.3 2024/07/09 17:26:14 yasuoka Exp $ */
/* $OpenBSD: parser.c,v 1.4 2024/07/24 08:27:20 yasuoka Exp $ */
/*
* Copyright (c) 2010 Reyk Floeter <reyk@vantronix.net>
@ -44,6 +44,7 @@ enum token_type {
MAXWAIT,
FLAGS,
SESSION_SEQ,
MSGAUTH,
ENDTOKEN
};
@ -58,6 +59,7 @@ static struct parse_result res = {
.tries = TEST_TRIES_DEFAULT,
.interval = { TEST_INTERVAL_DEFAULT, 0 },
.maxwait = { TEST_MAXWAIT_DEFAULT, 0 },
.msgauth = 1
};
static const struct token t_test[];
@ -71,6 +73,7 @@ static const struct token t_nas_port[];
static const struct token t_tries[];
static const struct token t_interval[];
static const struct token t_maxwait[];
static const struct token t_yesno[];
static const struct token t_ipcp[];
static const struct token t_ipcp_flags[];
static const struct token t_ipcp_session_seq[];
@ -105,6 +108,7 @@ static const struct token t_test_opts[] = {
{ KEYWORD, "interval", NONE, t_interval },
{ KEYWORD, "tries", NONE, t_tries },
{ KEYWORD, "maxwait", NONE, t_maxwait },
{ KEYWORD, "msgauth", NONE, t_yesno },
{ ENDTOKEN, "", NONE, NULL }
};
@ -143,6 +147,12 @@ static const struct token t_maxwait[] = {
{ ENDTOKEN, "", NONE, NULL }
};
static const struct token t_yesno[] = {
{ MSGAUTH, "yes", 1, t_test_opts },
{ MSGAUTH, "no", 0, t_test_opts },
{ ENDTOKEN, "", NONE, NULL }
};
static const struct token t_ipcp[] = {
{ KEYWORD, "show", IPCP_SHOW, NULL },
{ KEYWORD, "dump", IPCP_DUMP, t_ipcp_flags },
@ -365,6 +375,14 @@ match_token(char *word, const struct token table[])
printf("invalid argument: %s is %s for "
"\"session-id\"", word, errstr);
t = &table[i];
case MSGAUTH:
if (word != NULL &&
strcmp(word, table[i].keyword) == 0) {
match++;
res.msgauth = table[i].value;
t = &table[i];
}
break;
case ENDTOKEN:
break;
}
@ -436,6 +454,9 @@ show_valid_args(const struct token table[])
case SESSION_SEQ:
fprintf(stderr, " <sequence number>\n");
break;
case MSGAUTH:
fprintf(stderr, " %s\n", table[i].keyword);
break;
case ENDTOKEN:
break;
}

3
usr.sbin/radiusctl/parser.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: parser.h,v 1.3 2024/07/09 17:26:14 yasuoka Exp $ */
/* $OpenBSD: parser.h,v 1.4 2024/07/24 08:27:20 yasuoka Exp $ */
/* This file is derived from OpenBSD:src/usr.sbin/ikectl/parser.h 1.9 */
/*
@ -60,6 +60,7 @@ struct parse_result {
const char *password;
u_short port;
int nas_port;
int msgauth;
enum auth_method auth_method;
/* number of packets to try sending */

7
usr.sbin/radiusctl/radiusctl.8
View file

@ -1,4 +1,4 @@
.\" $OpenBSD: radiusctl.8,v 1.8 2024/07/14 03:47:44 jsg Exp $
.\" $OpenBSD: radiusctl.8,v 1.9 2024/07/24 08:27:20 yasuoka Exp $
.\"
.\" Copyright (c) YASUOKA Masahiko <yasuoka@yasuoka.net>
.\"
@ -15,7 +15,7 @@
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.\"
.Dd $Mdocdate: July 14 2024 $
.Dd $Mdocdate: July 24 2024 $
.Dt RADIUSCTL 8
.Os
.Sh NAME
@ -86,6 +86,9 @@ the default port number 1812 is used.
.It Cm tries Ar number
Specifies the number of packets to try sending.
The default is 3.
.It Cm msgauth Ar yes | no
Specifies if Message-Authenticator is given for the access request packet.
The default is yes.
.El
.It Cm ipcp show
Show all ipcp sessions in the database of

7
usr.sbin/radiusctl/radiusctl.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: radiusctl.c,v 1.11 2024/07/22 09:39:23 yasuoka Exp $ */
/* $OpenBSD: radiusctl.c,v 1.12 2024/07/24 08:27:20 yasuoka Exp $ */
/*
* Copyright (c) 2015 YASUOKA Masahiko <yasuoka@yasuoka.net>
*
@ -368,6 +368,7 @@ radius_test(struct parse_result *res)
u32val = htonl(res->nas_port);
radius_put_raw_attr(reqpkt, RADIUS_TYPE_NAS_PORT, &u32val, 4);
if (res->msgauth)
radius_put_message_authenticator(reqpkt, res->secret);
event_init();
@ -500,6 +501,10 @@ radius_dump(FILE *out, RADIUS_PACKET *pkt, bool resp, const char *secret)
: (radius_check_message_authenticator(pkt, secret) == 0)
? "Verified" : "NG");
}
if (!resp)
fprintf(out, " Message-Authenticator = %s\n",
(radius_has_attr(pkt, RADIUS_TYPE_MESSAGE_AUTHENTICATOR))
? "(Present)" : "(Not present)");
if (radius_get_string_attr(pkt, RADIUS_TYPE_USER_NAME, buf,
sizeof(buf)) == 0)