From b478f6b8546b94726ff9f67c1a82f15a9bd9a1ec Mon Sep 17 00:00:00 2001 From: purplerain Date: Sat, 23 Mar 2024 00:52:05 +0000 Subject: [PATCH] sync with OpenBSD -current --- lib/libcrypto/x509/x509_lu.c | 14 +-- regress/sbin/disklabel/12000.ok | 38 +++--- regress/sbin/disklabel/18000.ok | 38 +++--- regress/sbin/disklabel/20000.ok | 38 +++--- regress/sbin/disklabel/300000.ok | 24 ++-- regress/sbin/disklabel/40000.ok | 34 +++--- regress/sbin/disklabel/90000.ok | 36 +++--- regress/sbin/disklabel/900000.ok | 12 +- sbin/disklabel/disklabel.8 | 6 +- sbin/disklabel/editor.c | 4 +- share/man/man4/man4.alpha/mem.4 | 11 +- share/man/man4/man4.amd64/mem.4 | 11 +- share/man/man4/man4.i386/mem.4 | 11 +- share/man/man4/man4.landisk/mem.4 | 11 +- share/man/man4/man4.loongson/mem.4 | 11 +- share/man/man4/man4.luna88k/mem.4 | 11 +- share/man/man4/man4.macppc/mem.4 | 11 +- share/man/man4/man4.sparc64/mem.4 | 11 +- sys/kern/kern_pledge.c | 3 +- sys/kern/uipc_socket.c | 3 +- sys/kern/uipc_usrreq.c | 4 +- sys/netinet/in_pcb.c | 16 +-- sys/netinet/in_pcb.h | 14 +-- sys/netinet6/in6_pcb.c | 4 +- sys/nfs/nfs_socket.c | 23 +++- sys/nfs/nfs_syscalls.c | 23 +++- sys/sys/socketvar.h | 3 +- usr.bin/aucat/aucat.c | 73 ++++++++---- usr.bin/patch/backupfile.c | 6 +- usr.bin/patch/patch.1 | 12 +- usr.bin/patch/patch.c | 11 +- usr.sbin/bgpd/bgpd.h | 15 ++- usr.sbin/bgpd/logmsg.c | 40 ++++++- usr.sbin/bgpd/rtr_proto.c | 18 +-- usr.sbin/bgpd/session.c | 145 ++++------------------- usr.sbin/bgpd/session.h | 15 +-- usr.sbin/bgpd/util.c | 44 ++++++- usr.sbin/lpd/control.c | 11 +- usr.sbin/rpki-client/cert.c | 8 +- usr.sbin/rpki-client/extern.h | 9 +- usr.sbin/rpki-client/filemode.c | 14 +-- usr.sbin/rpki-client/http.c | 6 +- usr.sbin/rpki-client/main.c | 6 +- usr.sbin/rpki-client/repo.c | 14 ++- usr.sbin/rpki-client/rrdp_delta.c | 4 +- usr.sbin/rpki-client/rrdp_notification.c | 6 +- usr.sbin/rpki-client/rrdp_snapshot.c | 4 +- usr.sbin/rpki-client/rsync.c | 4 +- usr.sbin/rpki-client/tal.c | 6 +- usr.sbin/rpki-client/x509.c | 8 +- 50 files changed, 466 insertions(+), 438 deletions(-) diff --git a/lib/libcrypto/x509/x509_lu.c b/lib/libcrypto/x509/x509_lu.c index 56fb43999..0edcfca7d 100644 --- a/lib/libcrypto/x509/x509_lu.c +++ b/lib/libcrypto/x509/x509_lu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_lu.c,v 1.64 2024/03/02 10:57:03 tb Exp $ */ +/* $OpenBSD: x509_lu.c,v 1.65 2024/03/22 06:24:54 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -63,6 +63,7 @@ #include #include #include + #include "x509_local.h" static X509_LOOKUP * @@ -221,22 +222,13 @@ x509_object_dup(const X509_OBJECT *obj) void X509_STORE_free(X509_STORE *store) { - STACK_OF(X509_LOOKUP) *sk; - X509_LOOKUP *lu; - int i; - if (store == NULL) return; if (CRYPTO_add(&store->references, -1, CRYPTO_LOCK_X509_STORE) > 0) return; - sk = store->get_cert_methods; - for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) { - lu = sk_X509_LOOKUP_value(sk, i); - X509_LOOKUP_free(lu); - } - sk_X509_LOOKUP_free(sk); + sk_X509_LOOKUP_pop_free(store->get_cert_methods, X509_LOOKUP_free); sk_X509_OBJECT_pop_free(store->objs, X509_OBJECT_free); CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, store, &store->ex_data); diff --git a/regress/sbin/disklabel/12000.ok b/regress/sbin/disklabel/12000.ok index 53ee852ee..947c56305 100644 --- a/regress/sbin/disklabel/12000.ok +++ b/regress/sbin/disklabel/12000.ok @@ -2,25 +2,25 @@ Writing MBR at offset 0. a: 0.2G 128 4.2BSD 2048 16384 1 # / - a: 411520 128 4.2BSD 2048 16384 1 - b: 0.2G 411648 swap - b: 372510 411648 swap - d: 0.2G 784160 4.2BSD 2048 16384 1 # /tmp - d: 412672 784160 4.2BSD 2048 16384 1 - e: 0.2G 1196832 4.2BSD 2048 16384 1 # /var - e: 435104 1196832 4.2BSD 2048 16384 1 - f: 1.6G 1631936 4.2BSD 2048 16384 1 # /usr - f: 3280640 1631936 4.2BSD 2048 16384 1 - g: 0.4G 4912576 4.2BSD 2048 16384 1 # /usr/X11R6 - g: 849024 4912576 4.2BSD 2048 16384 1 - h: 1.1G 5761600 4.2BSD 2048 16384 1 # /usr/local - h: 2410144 5761600 4.2BSD 2048 16384 1 - i: 1.5G 8171744 4.2BSD 2048 16384 1 # /usr/src - i: 3113728 8171744 4.2BSD 2048 16384 1 - j: 5.0G 11285472 4.2BSD 2048 16384 1 # /usr/obj - j: 10569216 11285472 4.2BSD 2048 16384 1 - k: 1.3G 21854688 4.2BSD 2048 16384 1 # /home - k: 2723360 21854688 4.2BSD 2048 16384 1 + a: 355392 128 4.2BSD 2048 16384 1 + b: 0.1G 355520 swap + b: 260280 355520 swap + d: 0.2G 615808 4.2BSD 2048 16384 1 # /tmp + d: 322880 615808 4.2BSD 2048 16384 1 + e: 0.1G 938688 4.2BSD 2048 16384 1 # /var + e: 289184 938688 4.2BSD 2048 16384 1 + f: 1.5G 1227872 4.2BSD 2048 16384 1 # /usr + f: 3168416 1227872 4.2BSD 2048 16384 1 + g: 0.4G 4396288 4.2BSD 2048 16384 1 # /usr/X11R6 + g: 815360 4396288 4.2BSD 2048 16384 1 + h: 1.1G 5211648 4.2BSD 2048 16384 1 # /usr/local + h: 2241792 5211648 4.2BSD 2048 16384 1 + i: 2.0G 7453440 4.2BSD 2048 16384 1 # /usr/src + i: 4213568 7453440 4.2BSD 2048 16384 1 + j: 5.0G 11667008 4.2BSD 2048 16384 1 # /usr/obj + j: 10524320 11667008 4.2BSD 2048 16384 1 + k: 1.1G 22191328 4.2BSD 2048 16384 1 # /home + k: 2386720 22191328 4.2BSD 2048 16384 1 /dev/vnd0a / ffs rw 1 1 /dev/vnd0k /home ffs rw 1 2 diff --git a/regress/sbin/disklabel/18000.ok b/regress/sbin/disklabel/18000.ok index 5fe298d84..de8d17fae 100644 --- a/regress/sbin/disklabel/18000.ok +++ b/regress/sbin/disklabel/18000.ok @@ -2,25 +2,25 @@ Writing MBR at offset 0. a: 0.5G 128 4.2BSD 2048 16384 1 # / - a: 1025920 128 4.2BSD 2048 16384 1 - b: 0.8G 1026048 swap - b: 1601310 1026048 swap - d: 0.7G 2627360 4.2BSD 2048 16384 1 # /tmp - d: 1395712 2627360 4.2BSD 2048 16384 1 - e: 1.0G 4023072 4.2BSD 2048 16384 1 # /var - e: 2032544 4023072 4.2BSD 2048 16384 1 - f: 2.2G 6055616 4.2BSD 2048 16384 1 # /usr - f: 4509440 6055616 4.2BSD 2048 16384 1 - g: 0.6G 10565056 4.2BSD 2048 16384 1 # /usr/X11R6 - g: 1217664 10565056 4.2BSD 2048 16384 1 - h: 2.0G 11782720 4.2BSD 2048 16384 1 # /usr/local - h: 4253344 11782720 4.2BSD 2048 16384 1 - i: 1.6G 16036064 4.2BSD 2048 16384 1 # /usr/src - i: 3359488 16036064 4.2BSD 2048 16384 1 - j: 5.3G 19395552 4.2BSD 2048 16384 1 # /usr/obj - j: 11060736 19395552 4.2BSD 2048 16384 1 - k: 3.1G 30456288 4.2BSD 2048 16384 1 # /home - k: 6409760 30456288 4.2BSD 2048 16384 1 + a: 969792 128 4.2BSD 2048 16384 1 + b: 0.7G 969920 swap + b: 1489080 969920 swap + d: 0.6G 2459008 4.2BSD 2048 16384 1 # /tmp + d: 1305920 2459008 4.2BSD 2048 16384 1 + e: 0.9G 3764928 4.2BSD 2048 16384 1 # /var + e: 1886624 3764928 4.2BSD 2048 16384 1 + f: 2.1G 5651552 4.2BSD 2048 16384 1 # /usr + f: 4397216 5651552 4.2BSD 2048 16384 1 + g: 0.6G 10048768 4.2BSD 2048 16384 1 # /usr/X11R6 + g: 1184000 10048768 4.2BSD 2048 16384 1 + h: 1.9G 11232768 4.2BSD 2048 16384 1 # /usr/local + h: 4084992 11232768 4.2BSD 2048 16384 1 + i: 2.1G 15317760 4.2BSD 2048 16384 1 # /usr/src + i: 4459328 15317760 4.2BSD 2048 16384 1 + j: 5.3G 19777088 4.2BSD 2048 16384 1 # /usr/obj + j: 11015840 19777088 4.2BSD 2048 16384 1 + k: 2.9G 30792928 4.2BSD 2048 16384 1 # /home + k: 6073120 30792928 4.2BSD 2048 16384 1 /dev/vnd0a / ffs rw 1 1 /dev/vnd0k /home ffs rw 1 2 diff --git a/regress/sbin/disklabel/20000.ok b/regress/sbin/disklabel/20000.ok index 2260ab2e3..6dd53ea89 100644 --- a/regress/sbin/disklabel/20000.ok +++ b/regress/sbin/disklabel/20000.ok @@ -2,25 +2,25 @@ Writing MBR at offset 0. a: 0.6G 128 4.2BSD 2048 16384 1 # / - a: 1230720 128 4.2BSD 2048 16384 1 - b: 1.0G 1230848 swap - b: 2010910 1230848 swap - d: 0.8G 3241760 4.2BSD 2048 16384 1 # /tmp - d: 1723392 3241760 4.2BSD 2048 16384 1 - e: 1.2G 4965152 4.2BSD 2048 16384 1 # /var - e: 2565024 4965152 4.2BSD 2048 16384 1 - f: 2.3G 7530176 4.2BSD 2048 16384 1 # /usr - f: 4919040 7530176 4.2BSD 2048 16384 1 - g: 0.6G 12449216 4.2BSD 2048 16384 1 # /usr/X11R6 - g: 1340544 12449216 4.2BSD 2048 16384 1 - h: 2.3G 13789760 4.2BSD 2048 16384 1 # /usr/local - h: 4867744 13789760 4.2BSD 2048 16384 1 - i: 1.6G 18657504 4.2BSD 2048 16384 1 # /usr/src - i: 3441408 18657504 4.2BSD 2048 16384 1 - j: 5.4G 22098912 4.2BSD 2048 16384 1 # /usr/obj - j: 11224576 22098912 4.2BSD 2048 16384 1 - k: 3.6G 33323488 4.2BSD 2048 16384 1 # /home - k: 7638560 33323488 4.2BSD 2048 16384 1 + a: 1174592 128 4.2BSD 2048 16384 1 + b: 0.9G 1174720 swap + b: 1898680 1174720 swap + d: 0.8G 3073408 4.2BSD 2048 16384 1 # /tmp + d: 1633600 3073408 4.2BSD 2048 16384 1 + e: 1.2G 4707008 4.2BSD 2048 16384 1 # /var + e: 2419104 4707008 4.2BSD 2048 16384 1 + f: 2.3G 7126112 4.2BSD 2048 16384 1 # /usr + f: 4806816 7126112 4.2BSD 2048 16384 1 + g: 0.6G 11932928 4.2BSD 2048 16384 1 # /usr/X11R6 + g: 1306880 11932928 4.2BSD 2048 16384 1 + h: 2.2G 13239808 4.2BSD 2048 16384 1 # /usr/local + h: 4699392 13239808 4.2BSD 2048 16384 1 + i: 2.2G 17939200 4.2BSD 2048 16384 1 # /usr/src + i: 4541248 17939200 4.2BSD 2048 16384 1 + j: 5.3G 22480448 4.2BSD 2048 16384 1 # /usr/obj + j: 11179680 22480448 4.2BSD 2048 16384 1 + k: 3.5G 33660128 4.2BSD 2048 16384 1 # /home + k: 7301920 33660128 4.2BSD 2048 16384 1 /dev/vnd0a / ffs rw 1 1 /dev/vnd0k /home ffs rw 1 2 diff --git a/regress/sbin/disklabel/300000.ok b/regress/sbin/disklabel/300000.ok index 2e1761776..da9510bf9 100644 --- a/regress/sbin/disklabel/300000.ok +++ b/regress/sbin/disklabel/300000.ok @@ -9,18 +9,18 @@ Writing MBR at offset 0. d: 8388608 35521024 4.2BSD 2048 16384 1 e: 35.4G 43909632 4.2BSD 2048 16384 1 # /var e: 74187520 43909632 4.2BSD 2048 16384 1 - f: 29.7G 118097152 4.2BSD 2048 16384 1 # /usr - f: 62263040 118097152 4.2BSD 2048 16384 1 - g: 1.0G 180360192 4.2BSD 2048 16384 1 # /usr/X11R6 - g: 2097152 180360192 4.2BSD 2048 16384 1 - h: 20.0G 182457344 4.2BSD 2048 16384 1 # /usr/local - h: 41943040 182457344 4.2BSD 2048 16384 1 - i: 3.0G 224400384 4.2BSD 2048 16384 1 # /usr/src - i: 6291456 224400384 4.2BSD 2048 16384 1 - j: 6.0G 230691840 4.2BSD 2048 16384 1 # /usr/obj - j: 12582912 230691840 4.2BSD 2048 16384 1 - k: 177.0G 243274752 4.2BSD 4096 32768 1 # /home - k: 371127296 243274752 4.2BSD 4096 32768 1 + f: 29.6G 118097152 4.2BSD 2048 16384 1 # /usr + f: 62150816 118097152 4.2BSD 2048 16384 1 + g: 1.0G 180247968 4.2BSD 2048 16384 1 # /usr/X11R6 + g: 2097152 180247968 4.2BSD 2048 16384 1 + h: 20.0G 182345120 4.2BSD 2048 16384 1 # /usr/local + h: 41943040 182345120 4.2BSD 2048 16384 1 + i: 5.0G 224288160 4.2BSD 2048 16384 1 # /usr/src + i: 10485760 224288160 4.2BSD 2048 16384 1 + j: 6.0G 234773920 4.2BSD 2048 16384 1 # /usr/obj + j: 12582912 234773920 4.2BSD 2048 16384 1 + k: 175.0G 247356864 4.2BSD 4096 32768 1 # /home + k: 367045184 247356864 4.2BSD 4096 32768 1 /dev/vnd0a / ffs rw 1 1 /dev/vnd0k /home ffs rw 1 2 diff --git a/regress/sbin/disklabel/40000.ok b/regress/sbin/disklabel/40000.ok index cd21962f5..75625da56 100644 --- a/regress/sbin/disklabel/40000.ok +++ b/regress/sbin/disklabel/40000.ok @@ -4,23 +4,23 @@ Writing MBR at offset 0. a: 1.0G 128 4.2BSD 2048 16384 1 # / a: 2097152 128 4.2BSD 2048 16384 1 b: 2.9G 2097280 swap - b: 6106910 2097280 swap - d: 2.4G 8204192 4.2BSD 2048 16384 1 # /tmp - d: 5000192 8204192 4.2BSD 2048 16384 1 - e: 3.8G 13204384 4.2BSD 2048 16384 1 # /var - e: 7889824 13204384 4.2BSD 2048 16384 1 - f: 4.3G 21094208 4.2BSD 2048 16384 1 # /usr - f: 9015040 21094208 4.2BSD 2048 16384 1 - g: 1.0G 30109248 4.2BSD 2048 16384 1 # /usr/X11R6 - g: 2097152 30109248 4.2BSD 2048 16384 1 - h: 5.3G 32206400 4.2BSD 2048 16384 1 # /usr/local - h: 11011744 32206400 4.2BSD 2048 16384 1 - i: 2.0G 43218144 4.2BSD 2048 16384 1 # /usr/src - i: 4260608 43218144 4.2BSD 2048 16384 1 - j: 6.0G 47478752 4.2BSD 2048 16384 1 # /usr/obj - j: 12582912 47478752 4.2BSD 2048 16384 1 - k: 10.4G 60061664 4.2BSD 2048 16384 1 # /home - k: 21860384 60061664 4.2BSD 2048 16384 1 + b: 5994680 2097280 swap + d: 2.3G 8091968 4.2BSD 2048 16384 1 # /tmp + d: 4910400 8091968 4.2BSD 2048 16384 1 + e: 3.7G 13002368 4.2BSD 2048 16384 1 # /var + e: 7743904 13002368 4.2BSD 2048 16384 1 + f: 4.2G 20746272 4.2BSD 2048 16384 1 # /usr + f: 8902816 20746272 4.2BSD 2048 16384 1 + g: 1.0G 29649088 4.2BSD 2048 16384 1 # /usr/X11R6 + g: 2097152 29649088 4.2BSD 2048 16384 1 + h: 5.2G 31746240 4.2BSD 2048 16384 1 # /usr/local + h: 10843392 31746240 4.2BSD 2048 16384 1 + i: 2.6G 42589632 4.2BSD 2048 16384 1 # /usr/src + i: 5360448 42589632 4.2BSD 2048 16384 1 + j: 6.0G 47950080 4.2BSD 2048 16384 1 # /usr/obj + j: 12582912 47950080 4.2BSD 2048 16384 1 + k: 10.2G 60532992 4.2BSD 2048 16384 1 # /home + k: 21389056 60532992 4.2BSD 2048 16384 1 /dev/vnd0a / ffs rw 1 1 /dev/vnd0k /home ffs rw 1 2 diff --git a/regress/sbin/disklabel/90000.ok b/regress/sbin/disklabel/90000.ok index 6ac07b3a2..91ad56d15 100644 --- a/regress/sbin/disklabel/90000.ok +++ b/regress/sbin/disklabel/90000.ok @@ -3,24 +3,24 @@ Writing MBR at offset 0. a: 1.0G 128 4.2BSD 2048 16384 1 # / a: 2097152 128 4.2BSD 2048 16384 1 - b: 7.8G 2097280 swap - b: 16346910 2097280 swap - d: 4.0G 18444192 4.2BSD 2048 16384 1 # /tmp - d: 8388576 18444192 4.2BSD 2048 16384 1 - e: 10.1G 26832768 4.2BSD 2048 16384 1 # /var - e: 21201824 26832768 4.2BSD 2048 16384 1 - f: 9.2G 48034592 4.2BSD 2048 16384 1 # /usr - f: 19255040 48034592 4.2BSD 2048 16384 1 - g: 1.0G 67289632 4.2BSD 2048 16384 1 # /usr/X11R6 - g: 2097152 67289632 4.2BSD 2048 16384 1 - h: 12.6G 69386784 4.2BSD 2048 16384 1 # /usr/local - h: 26371744 69386784 4.2BSD 2048 16384 1 - i: 3.0G 95758528 4.2BSD 2048 16384 1 # /usr/src - i: 6291456 95758528 4.2BSD 2048 16384 1 - j: 6.0G 102049984 4.2BSD 2048 16384 1 # /usr/obj - j: 12582912 102049984 4.2BSD 2048 16384 1 - k: 33.2G 114632896 4.2BSD 2048 16384 1 # /home - k: 69689152 114632896 4.2BSD 2048 16384 1 + b: 7.7G 2097280 swap + b: 16234680 2097280 swap + d: 4.0G 18331968 4.2BSD 2048 16384 1 # /tmp + d: 8388576 18331968 4.2BSD 2048 16384 1 + e: 10.0G 26720544 4.2BSD 2048 16384 1 # /var + e: 21055904 26720544 4.2BSD 2048 16384 1 + f: 9.1G 47776448 4.2BSD 2048 16384 1 # /usr + f: 19142816 47776448 4.2BSD 2048 16384 1 + g: 1.0G 66919264 4.2BSD 2048 16384 1 # /usr/X11R6 + g: 2097152 66919264 4.2BSD 2048 16384 1 + h: 12.5G 69016416 4.2BSD 2048 16384 1 # /usr/local + h: 26203392 69016416 4.2BSD 2048 16384 1 + i: 3.5G 95219808 4.2BSD 2048 16384 1 # /usr/src + i: 7408448 95219808 4.2BSD 2048 16384 1 + j: 6.0G 102628256 4.2BSD 2048 16384 1 # /usr/obj + j: 12582912 102628256 4.2BSD 2048 16384 1 + k: 33.0G 115211168 4.2BSD 2048 16384 1 # /home + k: 69110880 115211168 4.2BSD 2048 16384 1 /dev/vnd0a / ffs rw 1 1 /dev/vnd0k /home ffs rw 1 2 diff --git a/regress/sbin/disklabel/900000.ok b/regress/sbin/disklabel/900000.ok index 63915ca46..d35f7d284 100644 --- a/regress/sbin/disklabel/900000.ok +++ b/regress/sbin/disklabel/900000.ok @@ -15,12 +15,12 @@ Writing MBR at offset 0. g: 2097152 181011712 4.2BSD 2048 16384 1 h: 20.0G 183108864 4.2BSD 2048 16384 1 # /usr/local h: 41943040 183108864 4.2BSD 2048 16384 1 - i: 3.0G 225051904 4.2BSD 2048 16384 1 # /usr/src - i: 6291456 225051904 4.2BSD 2048 16384 1 - j: 6.0G 231343360 4.2BSD 2048 16384 1 # /usr/obj - j: 12582912 231343360 4.2BSD 2048 16384 1 - k: 300.0G 243926272 4.2BSD 4096 32768 1 # /home - k: 629145600 243926272 4.2BSD 4096 32768 1 + i: 5.0G 225051904 4.2BSD 2048 16384 1 # /usr/src + i: 10485760 225051904 4.2BSD 2048 16384 1 + j: 6.0G 235537664 4.2BSD 2048 16384 1 # /usr/obj + j: 12582912 235537664 4.2BSD 2048 16384 1 + k: 300.0G 248120576 4.2BSD 4096 32768 1 # /home + k: 629145600 248120576 4.2BSD 4096 32768 1 /dev/vnd0a / ffs rw 1 1 /dev/vnd0k /home ffs rw 1 2 diff --git a/sbin/disklabel/disklabel.8 b/sbin/disklabel/disklabel.8 index d388af56c..e1ae60b69 100644 --- a/sbin/disklabel/disklabel.8 +++ b/sbin/disklabel/disklabel.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: disklabel.8,v 1.156 2023/07/05 08:05:04 krw Exp $ +.\" $OpenBSD: disklabel.8,v 1.157 2024/03/22 21:49:52 jan Exp $ .\" $NetBSD: disklabel.8,v 1.9 1995/03/18 14:54:38 cgd Exp $ .\" .\" Copyright (c) 1987, 1988, 1991, 1993 @@ -33,7 +33,7 @@ .\" .\" @(#)disklabel.8 8.2 (Berkeley) 4/19/94 .\" -.Dd $Mdocdate: July 5 2023 $ +.Dd $Mdocdate: March 22 2024 $ .Dt DISKLABEL 8 .Os .Sh NAME @@ -499,7 +499,7 @@ Ta 384MB \(en \0\01GB Ta Ta Ta .It Sy /usr/local \ Ta \0\01GB \(en \020GB Ta Ta Ta .It Sy /usr/src \ -Ta 1.5GB \(en \0\03GB Ta Ta Ta +Ta \0\02GB \(en \0\05GB Ta Ta Ta .It Sy /usr/obj \ Ta \0\05GB \(en \0\06GB Ta Ta Ta .El diff --git a/sbin/disklabel/editor.c b/sbin/disklabel/editor.c index 5e29c14f5..1493688f3 100644 --- a/sbin/disklabel/editor.c +++ b/sbin/disklabel/editor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: editor.c,v 1.417 2023/09/06 12:45:19 robert Exp $ */ +/* $OpenBSD: editor.c,v 1.418 2024/03/22 21:49:52 jan Exp $ */ /* * Copyright (c) 1997-2000 Todd C. Miller @@ -97,7 +97,7 @@ struct space_allocation alloc_big[] = { { MEG(1500), GIG(30), 10, "/usr" }, { MEG(384), GIG(1), 3, "/usr/X11R6" }, { GIG(1), GIG(20), 15, "/usr/local" }, - { MEG(1500), GIG(3), 2, "/usr/src" }, + { GIG(2), GIG(5), 2, "/usr/src" }, { GIG(5), GIG(6), 4, "/usr/obj" }, { GIG(1), GIG(300), 30, "/home" } /* Anything beyond this leave for the user to decide */ diff --git a/share/man/man4/man4.alpha/mem.4 b/share/man/man4/man4.alpha/mem.4 index 20ae47a71..b526c5754 100644 --- a/share/man/man4/man4.alpha/mem.4 +++ b/share/man/man4/man4.alpha/mem.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: mem.4,v 1.6 2018/01/12 04:36:44 deraadt Exp $ +.\" $OpenBSD: mem.4,v 1.7 2024/03/22 12:29:33 jsg Exp $ .\" Copyright (c) 1992, 1993 .\" The Regents of the University of California. All rights reserved. .\" @@ -32,7 +32,7 @@ .\" .\" from: @(#)mem.4 8.1 (Berkeley) 6/5/93 .\" -.Dd $Mdocdate: January 12 2018 $ +.Dd $Mdocdate: March 22 2024 $ .Dt MEM 4 alpha .Os .Sh NAME @@ -78,7 +78,8 @@ variable is set. .Sh HISTORY The .Pa /dev/mem -and +file appeared in +.At v1 , .Pa /dev/kmem -files appeared in -.At v6 . +appeared in +.At v5 . diff --git a/share/man/man4/man4.amd64/mem.4 b/share/man/man4/man4.amd64/mem.4 index fc888bb99..641357580 100644 --- a/share/man/man4/man4.amd64/mem.4 +++ b/share/man/man4/man4.amd64/mem.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: mem.4,v 1.6 2018/01/12 04:36:44 deraadt Exp $ +.\" $OpenBSD: mem.4,v 1.7 2024/03/22 12:29:33 jsg Exp $ .\" .\" Copyright (c) 1991 The Regents of the University of California. .\" All rights reserved. @@ -29,7 +29,7 @@ .\" .\" from: @(#)mem.4 5.3 (Berkeley) 5/2/91 .\" -.Dd $Mdocdate: January 12 2018 $ +.Dd $Mdocdate: March 22 2024 $ .Dt MEM 4 amd64 .Os .Sh NAME @@ -80,7 +80,8 @@ variable is set. .Sh HISTORY The .Pa /dev/mem -and +file appeared in +.At v1 , .Pa /dev/kmem -files appeared in -.At v6 . +appeared in +.At v5 . diff --git a/share/man/man4/man4.i386/mem.4 b/share/man/man4/man4.i386/mem.4 index 6c24c53c9..9b31ab728 100644 --- a/share/man/man4/man4.i386/mem.4 +++ b/share/man/man4/man4.i386/mem.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: mem.4,v 1.12 2018/01/12 04:36:44 deraadt Exp $ +.\" $OpenBSD: mem.4,v 1.13 2024/03/22 12:29:33 jsg Exp $ .\" .\" Copyright (c) 1991 The Regents of the University of California. .\" All rights reserved. @@ -29,7 +29,7 @@ .\" .\" from: @(#)mem.4 5.3 (Berkeley) 5/2/91 .\" -.Dd $Mdocdate: January 12 2018 $ +.Dd $Mdocdate: March 22 2024 $ .Dt MEM 4 i386 .Os .Sh NAME @@ -80,7 +80,8 @@ variable is set. .Sh HISTORY The .Pa /dev/mem -and +file appeared in +.At v1 , .Pa /dev/kmem -files appeared in -.At v6 . +appeared in +.At v5 . diff --git a/share/man/man4/man4.landisk/mem.4 b/share/man/man4/man4.landisk/mem.4 index 8856deb1a..b87f19307 100644 --- a/share/man/man4/man4.landisk/mem.4 +++ b/share/man/man4/man4.landisk/mem.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: mem.4,v 1.4 2018/01/12 04:36:44 deraadt Exp $ +.\" $OpenBSD: mem.4,v 1.5 2024/03/22 12:29:33 jsg Exp $ .\" .\" Copyright (c) 1991 The Regents of the University of California. .\" All rights reserved. @@ -29,7 +29,7 @@ .\" .\" from: @(#)mem.4 5.3 (Berkeley) 5/2/91 .\" -.Dd $Mdocdate: January 12 2018 $ +.Dd $Mdocdate: March 22 2024 $ .Dt MEM 4 landisk .Os .Sh NAME @@ -74,7 +74,8 @@ variable is set. .Sh HISTORY The .Pa /dev/mem -and +file appeared in +.At v1 , .Pa /dev/kmem -files appeared in -.At v6 . +appeared in +.At v5 . diff --git a/share/man/man4/man4.loongson/mem.4 b/share/man/man4/man4.loongson/mem.4 index 6da0a0aad..3e4625d39 100644 --- a/share/man/man4/man4.loongson/mem.4 +++ b/share/man/man4/man4.loongson/mem.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: mem.4,v 1.4 2018/01/12 04:36:44 deraadt Exp $ +.\" $OpenBSD: mem.4,v 1.5 2024/03/22 12:29:33 jsg Exp $ .\" Copyright (c) 1992, 1993 .\" The Regents of the University of California. All rights reserved. .\" @@ -32,7 +32,7 @@ .\" .\" from: @(#)mem.4 8.1 (Berkeley) 6/5/93 .\" -.Dd $Mdocdate: January 12 2018 $ +.Dd $Mdocdate: March 22 2024 $ .Dt MEM 4 loongson .Os .Sh NAME @@ -104,7 +104,8 @@ variable is set. .Sh HISTORY The .Pa /dev/mem -and +file appeared in +.At v1 , .Pa /dev/kmem -files appeared in -.At v6 . +appeared in +.At v5 . diff --git a/share/man/man4/man4.luna88k/mem.4 b/share/man/man4/man4.luna88k/mem.4 index a19caff0d..5cf09d04f 100644 --- a/share/man/man4/man4.luna88k/mem.4 +++ b/share/man/man4/man4.luna88k/mem.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: mem.4,v 1.4 2018/01/12 04:36:44 deraadt Exp $ +.\" $OpenBSD: mem.4,v 1.5 2024/03/22 12:29:33 jsg Exp $ .\" Copyright (c) 1992, 1993 .\" The Regents of the University of California. All rights reserved. .\" @@ -32,7 +32,7 @@ .\" .\" from: @(#)mem.4 8.1 (Berkeley) 6/5/93 .\" -.Dd $Mdocdate: January 12 2018 $ +.Dd $Mdocdate: March 22 2024 $ .Dt MEM 4 luna88k .Os .Sh NAME @@ -78,7 +78,8 @@ variable is set. .Sh HISTORY The .Pa /dev/mem -and +file appeared in +.At v1 , .Pa /dev/kmem -files appeared in -.At v6 . +appeared in +.At v5 . diff --git a/share/man/man4/man4.macppc/mem.4 b/share/man/man4/man4.macppc/mem.4 index e47911ac4..e1f5cb52b 100644 --- a/share/man/man4/man4.macppc/mem.4 +++ b/share/man/man4/man4.macppc/mem.4 @@ -30,10 +30,10 @@ .\" SUCH DAMAGE. .\" .\" from: @(#)mem.4 8.1 (Berkeley) 6/5/93 -.\" $OpenBSD: mem.4,v 1.7 2018/01/12 04:36:44 deraadt Exp $ +.\" $OpenBSD: mem.4,v 1.8 2024/03/22 12:29:33 jsg Exp $ .\" $NetBSD: mem.4,v 1.1 1997/06/08 17:40:57 ender Exp $ .\" -.Dd $Mdocdate: January 12 2018 $ +.Dd $Mdocdate: March 22 2024 $ .Dt MEM 4 macppc .Os .Sh NAME @@ -78,7 +78,8 @@ variable is set. .Sh HISTORY The .Pa /dev/mem -and +file appeared in +.At v1 , .Pa /dev/kmem -files appeared in -.At v6 . +appeared in +.At v5 . diff --git a/share/man/man4/man4.sparc64/mem.4 b/share/man/man4/man4.sparc64/mem.4 index 87c9d47d8..d4554c7cb 100644 --- a/share/man/man4/man4.sparc64/mem.4 +++ b/share/man/man4/man4.sparc64/mem.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: mem.4,v 1.6 2018/01/12 04:36:44 deraadt Exp $ +.\" $OpenBSD: mem.4,v 1.7 2024/03/22 12:29:33 jsg Exp $ .\" Copyright (c) 1992, 1993 .\" The Regents of the University of California. All rights reserved. .\" @@ -32,7 +32,7 @@ .\" .\" from: @(#)mem.4 8.1 (Berkeley) 6/5/93 .\" -.Dd $Mdocdate: January 12 2018 $ +.Dd $Mdocdate: March 22 2024 $ .Dt MEM 4 sparc64 .Os .Sh NAME @@ -80,7 +80,8 @@ variable is set. .Sh HISTORY The .Pa /dev/mem -and +file appeared in +.At v1 , .Pa /dev/kmem -files appeared in -.At v6 . +appeared in +.At v5 . diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index deb254245..aab866f65 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.310 2023/12/12 17:43:10 deraadt Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.311 2024/03/22 05:54:25 ratchov Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott @@ -1139,6 +1139,7 @@ pledge_ioctl(struct proc *p, long com, struct file *fp) #if NAUDIO > 0 if ((pledge & PLEDGE_AUDIO)) { switch (com) { + case AUDIO_GETDEV: case AUDIO_GETPOS: case AUDIO_GETPAR: case AUDIO_SETPAR: diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index 85032afee..7b04935ef 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_socket.c,v 1.320 2024/02/12 22:48:27 mvs Exp $ */ +/* $OpenBSD: uipc_socket.c,v 1.321 2024/03/22 17:34:11 mvs Exp $ */ /* $NetBSD: uipc_socket.c,v 1.21 1996/02/04 02:17:52 christos Exp $ */ /* @@ -65,7 +65,6 @@ void sotask(void *); void soreaper(void *); void soput(void *); int somove(struct socket *, int); -void sorflush(struct socket *); void filt_sordetach(struct knote *kn); int filt_soread(struct knote *kn, long hint); diff --git a/sys/kern/uipc_usrreq.c b/sys/kern/uipc_usrreq.c index 6ceb1e411..6a480c517 100644 --- a/sys/kern/uipc_usrreq.c +++ b/sys/kern/uipc_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_usrreq.c,v 1.201 2024/03/17 19:47:08 mvs Exp $ */ +/* $OpenBSD: uipc_usrreq.c,v 1.202 2024/03/22 17:34:11 mvs Exp $ */ /* $NetBSD: uipc_usrreq.c,v 1.18 1996/02/09 19:00:50 christos Exp $ */ /* @@ -1438,7 +1438,7 @@ unp_gc(void *arg __unused) */ so = unp->unp_socket; solock(so); - unp_scan(so->so_rcv.sb_mb, unp_discard); + sorflush(so); sounlock(so); } } diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index 610b91d11..12c0b86cf 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: in_pcb.c,v 1.296 2024/02/29 12:01:59 naddy Exp $ */ +/* $OpenBSD: in_pcb.c,v 1.298 2024/03/22 21:48:38 bluhm Exp $ */ /* $NetBSD: in_pcb.c,v 1.25 1996/02/13 23:41:53 christos Exp $ */ /* @@ -102,11 +102,7 @@ #endif const struct in_addr zeroin_addr; - -const union { - struct in_addr za_in; - struct in6_addr za_in6; -} zeroin46_addr; +const union inpaddru zeroin46_addr; /* * These configure the range of local port addresses assigned to @@ -277,12 +273,12 @@ in_pcballoc(struct socket *so, struct inpcbtable *table, int wait) } int -in_pcbbind_locked(struct inpcb *inp, struct mbuf *nam, struct proc *p) +in_pcbbind_locked(struct inpcb *inp, struct mbuf *nam, const void *laddr, + struct proc *p) { struct socket *so = inp->inp_socket; u_int16_t lport = 0; int wild = 0; - const void *laddr = &zeroin46_addr; int error; if (inp->inp_lport) @@ -359,7 +355,7 @@ in_pcbbind(struct inpcb *inp, struct mbuf *nam, struct proc *p) /* keep lookup, modification, and rehash in sync */ mtx_enter(&table->inpt_mtx); - error = in_pcbbind_locked(inp, nam, p); + error = in_pcbbind_locked(inp, nam, &zeroin46_addr, p); mtx_leave(&table->inpt_mtx); return error; @@ -542,7 +538,7 @@ in_pcbconnect(struct inpcb *inp, struct mbuf *nam) if (inp->inp_laddr.s_addr == INADDR_ANY) { if (inp->inp_lport == 0) { - error = in_pcbbind_locked(inp, NULL, curproc); + error = in_pcbbind_locked(inp, NULL, &ina, curproc); if (error) { mtx_leave(&table->inpt_mtx); return (error); diff --git a/sys/netinet/in_pcb.h b/sys/netinet/in_pcb.h index 1d67469c6..683f1a7c4 100644 --- a/sys/netinet/in_pcb.h +++ b/sys/netinet/in_pcb.h @@ -1,4 +1,4 @@ -/* $OpenBSD: in_pcb.h,v 1.152 2024/02/13 12:22:09 bluhm Exp $ */ +/* $OpenBSD: in_pcb.h,v 1.154 2024/03/22 21:48:38 bluhm Exp $ */ /* $NetBSD: in_pcb.h,v 1.14 1996/02/13 23:42:00 christos Exp $ */ /* @@ -120,11 +120,8 @@ struct pf_state_key; union inpaddru { + struct in_addr iau_addr; struct in6_addr iau_addr6; - struct { - uint8_t pad[12]; - struct in_addr inaddr; /* easier transition */ - } iau_a4u; }; /* @@ -142,9 +139,9 @@ struct inpcb { struct inpcbtable *inp_table; /* [I] inet queue/hash table */ union inpaddru inp_faddru; /* [t] Foreign address. */ union inpaddru inp_laddru; /* [t] Local address. */ -#define inp_faddr inp_faddru.iau_a4u.inaddr +#define inp_faddr inp_faddru.iau_addr #define inp_faddr6 inp_faddru.iau_addr6 -#define inp_laddr inp_laddru.iau_a4u.inaddr +#define inp_laddr inp_laddru.iau_addr #define inp_laddr6 inp_laddru.iau_addr6 u_int16_t inp_fport; /* [t] foreign port */ u_int16_t inp_lport; /* [t] local port */ @@ -307,7 +304,8 @@ extern int in_pcbnotifymiss; void in_init(void); void in_losing(struct inpcb *); int in_pcballoc(struct socket *, struct inpcbtable *, int); -int in_pcbbind_locked(struct inpcb *, struct mbuf *, struct proc *); +int in_pcbbind_locked(struct inpcb *, struct mbuf *, const void *, + struct proc *); int in_pcbbind(struct inpcb *, struct mbuf *, struct proc *); int in_pcbaddrisavail(const struct inpcb *, struct sockaddr_in *, int, struct proc *); diff --git a/sys/netinet6/in6_pcb.c b/sys/netinet6/in6_pcb.c index ac10047a6..88b6e6045 100644 --- a/sys/netinet6/in6_pcb.c +++ b/sys/netinet6/in6_pcb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: in6_pcb.c,v 1.141 2024/02/29 12:01:59 naddy Exp $ */ +/* $OpenBSD: in6_pcb.c,v 1.142 2024/03/22 18:05:01 bluhm Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -313,7 +313,7 @@ in6_pcbconnect(struct inpcb *inp, struct mbuf *nam) if (IN6_IS_ADDR_UNSPECIFIED(&inp->inp_laddr6)) { if (inp->inp_lport == 0) { - error = in_pcbbind_locked(inp, NULL, curproc); + error = in_pcbbind_locked(inp, NULL, in6a, curproc); if (error) { mtx_leave(&table->inpt_mtx); return (error); diff --git a/sys/nfs/nfs_socket.c b/sys/nfs/nfs_socket.c index 2bdacec2e..8e2cf00eb 100644 --- a/sys/nfs/nfs_socket.c +++ b/sys/nfs/nfs_socket.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nfs_socket.c,v 1.145 2024/02/05 20:21:39 mvs Exp $ */ +/* $OpenBSD: nfs_socket.c,v 1.146 2024/03/22 07:15:04 claudio Exp $ */ /* $NetBSD: nfs_socket.c,v 1.27 1996/04/15 20:20:00 thorpej Exp $ */ /* @@ -1624,11 +1624,22 @@ nfsrv_rcv(struct socket *so, caddr_t arg, int waitflag) error = soreceive(so, &nam, &auio, &mp, NULL, &flags, 0); if (mp) { - if (nam) { - m = nam; - m->m_next = mp; - } else - m = mp; + struct sockaddr_in *sin; + + if (nam == NULL) { + nfsstats.srv_errs++; + m_freem(mp); + continue; + } + if (in_nam2sin(nam, &sin) != 0 || + ntohs(sin->sin_port) >= IPPORT_RESERVED) { + nfsstats.srv_errs++; + m_freem(nam); + m_freem(mp); + continue; + } + m = nam; + m->m_next = mp; if (slp->ns_recend) slp->ns_recend->m_nextpkt = m; else diff --git a/sys/nfs/nfs_syscalls.c b/sys/nfs/nfs_syscalls.c index 139af9e5d..961423006 100644 --- a/sys/nfs/nfs_syscalls.c +++ b/sys/nfs/nfs_syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nfs_syscalls.c,v 1.121 2024/02/05 20:21:39 mvs Exp $ */ +/* $OpenBSD: nfs_syscalls.c,v 1.122 2024/03/22 07:15:04 claudio Exp $ */ /* $NetBSD: nfs_syscalls.c,v 1.19 1996/02/18 11:53:52 fvdl Exp $ */ /* @@ -243,6 +243,27 @@ nfssvc_addsock(struct file *fp, struct mbuf *mynam) return (EPERM); } } + /* + * Allow only IPv4 UDP and TCP sockets. + */ + if ((so->so_type != SOCK_STREAM && so->so_type != SOCK_DGRAM) || + so->so_proto->pr_domain->dom_family != AF_INET) { + m_freem(mynam); + return (EINVAL); + } + if (mynam != NULL) { + struct sockaddr_in *sin; + error = in_nam2sin(mynam, &sin); + if (error) { + m_freem(mynam); + return (error); + } + if (ntohs(sin->sin_port) >= IPPORT_RESERVED) { + m_freem(mynam); + return (ECONNREFUSED); + } + } + if (so->so_type == SOCK_STREAM) siz = NFS_MAXPACKET + sizeof (u_long); else diff --git a/sys/sys/socketvar.h b/sys/sys/socketvar.h index 9ef1cafe7..dc34b1c5c 100644 --- a/sys/sys/socketvar.h +++ b/sys/sys/socketvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: socketvar.h,v 1.124 2024/02/12 22:48:27 mvs Exp $ */ +/* $OpenBSD: socketvar.h,v 1.125 2024/03/22 17:34:11 mvs Exp $ */ /* $NetBSD: socketvar.h,v 1.18 1996/02/09 18:25:38 christos Exp $ */ /*- @@ -394,6 +394,7 @@ int sosend(struct socket *, struct mbuf *, struct uio *, struct mbuf *, struct mbuf *, int); int sosetopt(struct socket *, int, int, struct mbuf *); int soshutdown(struct socket *, int); +void sorflush(struct socket *); void sowakeup(struct socket *, struct sockbuf *); void sorwakeup(struct socket *); void sowwakeup(struct socket *); diff --git a/usr.bin/aucat/aucat.c b/usr.bin/aucat/aucat.c index 5af4a6a10..201b50dcd 100644 --- a/usr.bin/aucat/aucat.c +++ b/usr.bin/aucat/aucat.c @@ -104,6 +104,9 @@ unsigned int dev_round; /* device block size */ int dev_rate; /* device sample rate (Hz) */ unsigned int dev_pchan, dev_rchan; /* play & rec channels count */ adata_t *dev_pbuf, *dev_rbuf; /* play & rec buffers */ +struct aparams dev_par; /* device sample format */ +struct conv dev_enc, dev_dec; /* format conversions */ +unsigned char *dev_encbuf, *dev_decbuf; /* buf for format conversions */ long long dev_pos; /* last MMC position in frames */ #define DEV_STOP 0 /* stopped */ #define DEV_START 1 /* started */ @@ -141,15 +144,15 @@ char usagestr[] = "usage: aucat [-dn] [-b size] " "[-q port] [-r rate] [-v volume]\n"; static void * -allocbuf(int nfr, int nch) +allocbuf(int nfr, int nch, int bps) { size_t fsize; - if (nch < 0 || nch > NCHAN_MAX) { - log_puts("allocbuf: bogus channel count\n"); + if (nch < 0 || nch > NCHAN_MAX || bps < 0 || bps > 4) { + log_puts("allocbuf: bogus channels or bytes per sample count\n"); panic(); } - fsize = nch * sizeof(adata_t); + fsize = nch * bps; return reallocarray(NULL, nfr, fsize); } @@ -343,12 +346,12 @@ slot_init(struct slot *s) if (s->afile.fmt != AFILE_FMT_PCM || !aparams_native(&s->afile.par)) { dec_init(&s->conv, &s->afile.par, s->afile.nch); - s->convbuf = allocbuf(s->round, s->afile.nch); + s->convbuf = allocbuf(s->round, s->afile.nch, sizeof(adata_t)); } if (s->afile.rate != dev_rate) { resamp_init(&s->resamp, s->afile.rate, dev_rate, s->afile.nch); - s->resampbuf = allocbuf(dev_round, s->afile.nch); + s->resampbuf = allocbuf(dev_round, s->afile.nch, sizeof(adata_t)); } } if (s->mode & SIO_REC) { @@ -358,11 +361,11 @@ slot_init(struct slot *s) if (s->afile.rate != dev_rate) { resamp_init(&s->resamp, dev_rate, s->afile.rate, s->afile.nch); - s->resampbuf = allocbuf(dev_round, s->afile.nch); + s->resampbuf = allocbuf(dev_round, s->afile.nch, sizeof(adata_t)); } if (!aparams_native(&s->afile.par)) { enc_init(&s->conv, &s->afile.par, s->afile.nch); - s->convbuf = allocbuf(s->round, s->afile.nch); + s->convbuf = allocbuf(s->round, s->afile.nch, sizeof(adata_t)); } /* @@ -673,6 +676,7 @@ dev_open(char *dev, int mode, int bufsz, char *port) { int rate, pmax, rmax; struct sio_par par; + char encstr[ENCMAX]; struct slot *s; if (port) { @@ -723,32 +727,41 @@ dev_open(char *dev, int mode, int bufsz, char *port) log_puts(": couldn't set audio params\n"); return 0; } - if (par.bits != ADATA_BITS || - par.bps != sizeof(adata_t) || - (par.bps > 1 && par.le != SIO_LE_NATIVE) || - (par.bps * 8 > par.bits && par.msb)) { - log_puts(dev_name); - log_puts(": unsupported audio params\n"); - return 0; - } + dev_par.bits = par.bits; + dev_par.bps = par.bps; + dev_par.sig = par.sig; + dev_par.le = par.le; + dev_par.msb = par.msb; dev_mode = mode; dev_rate = par.rate; dev_bufsz = par.bufsz; dev_round = par.round; if (mode & SIO_PLAY) { dev_pchan = par.pchan; - dev_pbuf = allocbuf(dev_round, dev_pchan); + dev_pbuf = allocbuf(dev_round, dev_pchan, sizeof(adata_t)); } if (mode & SIO_REC) { dev_rchan = par.rchan; - dev_rbuf = allocbuf(dev_round, dev_rchan); + dev_rbuf = allocbuf(dev_round, dev_rchan, sizeof(adata_t)); + } + if (!aparams_native(&dev_par)) { + if (mode & SIO_PLAY) { + dev_encbuf = allocbuf(dev_round, dev_pchan, dev_par.bps); + enc_init(&dev_enc, &dev_par, dev_pchan); + } + if (mode & SIO_REC) { + dev_decbuf = allocbuf(dev_round, dev_rchan, dev_par.bps); + dec_init(&dev_dec, &dev_par, dev_rchan); + } } dev_pstate = DEV_STOP; if (log_level >= 2) { log_puts(dev_name); log_puts(": "); log_putu(dev_rate); - log_puts("Hz"); + log_puts("Hz, "); + aparams_enctostr(&dev_par, encstr); + log_puts(encstr); if (dev_mode & SIO_PLAY) { log_puts(", play 0:"); log_puti(dev_pchan - 1); @@ -1106,7 +1119,7 @@ offline(void) dev_bufsz = rate; dev_round = rate; dev_pchan = dev_rchan = cmax + 1; - dev_pbuf = dev_rbuf = allocbuf(dev_round, dev_pchan); + dev_pbuf = dev_rbuf = allocbuf(dev_round, dev_pchan, sizeof(adata_t)); dev_pstate = DEV_STOP; for (s = slot_list; s != NULL; s = s->next) slot_init(s); @@ -1145,8 +1158,8 @@ playrec_cycle(void) if (dev_prime > 0) dev_prime--; else { - todo = dev_round * dev_rchan * sizeof(adata_t); - p = (unsigned char *)dev_rbuf; + todo = dev_round * dev_rchan * dev_par.bps; + p = dev_decbuf ? dev_decbuf : (unsigned char *)dev_rbuf; while (todo > 0) { n = sio_read(dev_sh, p, todo); if (n == 0) { @@ -1159,12 +1172,24 @@ playrec_cycle(void) todo -= n; } rcnt = slot_list_copy(dev_round, dev_rchan, dev_rbuf); + if (dev_decbuf) { + dec_do(&dev_dec, + dev_decbuf, (unsigned char *)dev_rbuf, + dev_round); + } } } if (dev_mode & SIO_PLAY) { pcnt = slot_list_mix(dev_round, dev_pchan, dev_pbuf); - todo = sizeof(adata_t) * dev_pchan * dev_round; - n = sio_write(dev_sh, dev_pbuf, todo); + todo = dev_par.bps * dev_pchan * dev_round; + if (dev_encbuf) { + enc_do(&dev_enc, + (unsigned char *)dev_pbuf, dev_encbuf, + dev_round); + p = dev_encbuf; + } else + p = (unsigned char *)dev_pbuf; + n = sio_write(dev_sh, p, todo); if (n == 0) { log_puts(dev_name); log_puts(": failed to write to device\n"); diff --git a/usr.bin/patch/backupfile.c b/usr.bin/patch/backupfile.c index 6e504949a..2d2c0eb24 100644 --- a/usr.bin/patch/backupfile.c +++ b/usr.bin/patch/backupfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: backupfile.c,v 1.22 2020/10/12 13:58:27 naddy Exp $ */ +/* $OpenBSD: backupfile.c,v 1.23 2024/03/22 19:22:23 jcs Exp $ */ /* * backupfile.c -- make Emacs style backup file names Copyright (C) 1990 Free @@ -220,11 +220,11 @@ invalid_arg(const char *kind, const char *value, int problem) } static const char *backup_args[] = { - "never", "simple", "nil", "existing", "t", "numbered", 0 + "none", "never", "simple", "nil", "existing", "t", "numbered", 0 }; static enum backup_type backup_types[] = { - simple, simple, numbered_existing, + none, simple, simple, numbered_existing, numbered_existing, numbered, numbered }; diff --git a/usr.bin/patch/patch.1 b/usr.bin/patch/patch.1 index f88192f4a..d16d72850 100644 --- a/usr.bin/patch/patch.1 +++ b/usr.bin/patch/patch.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: patch.1,v 1.36 2022/03/31 17:27:26 naddy Exp $ +.\" $OpenBSD: patch.1,v 1.37 2024/03/22 19:22:23 jcs Exp $ .\" Copyright 1986, Larry Wall .\" .\" Redistribution and use in source and binary forms, with or without @@ -19,7 +19,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd $Mdocdate: March 31 2022 $ +.Dd $Mdocdate: March 22 2024 $ .Dt PATCH 1 .Os .Sh NAME @@ -37,7 +37,7 @@ .Op Fl o Ar out-file .Op Fl p Ar strip-count .Op Fl r Ar rej-name -.Op Fl V Cm t | nil | never +.Op Fl V Cm t | nil | never | none .Op Fl x Ar number .Op Fl z Ar backup-ext .Op Fl Fl posix @@ -289,8 +289,8 @@ Forces .Nm to interpret the patch file as a unified context diff (a unidiff). .It Xo -.Fl V Cm t | nil | never , -.Fl Fl version-control Cm t | nil | never +.Fl V Cm t | nil | never | none , +.Fl Fl version-control Cm t | nil | never | none .Xc Causes the next argument to be interpreted as a method for creating backup file names. @@ -321,6 +321,8 @@ Make numbered backups of files that already have them, simple backups of the others. .It Cm never , simple Always make simple backups. +.It Cm none +Do not make backups. .El .It Fl v , Fl Fl version Causes diff --git a/usr.bin/patch/patch.c b/usr.bin/patch/patch.c index 496451c88..213d2fcf5 100644 --- a/usr.bin/patch/patch.c +++ b/usr.bin/patch/patch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: patch.c,v 1.75 2023/10/25 20:05:43 bluhm Exp $ */ +/* $OpenBSD: patch.c,v 1.76 2024/03/22 19:22:23 jcs Exp $ */ /* * patch - a program to apply diffs to original files @@ -109,6 +109,8 @@ static bool remove_empty_files = false; /* true if -R was specified on command line. */ static bool reverse_flag_specified = false; +static bool Vflag = false; + /* buffer holding the name of the rejected patch file. */ static char rejname[PATH_MAX]; @@ -255,7 +257,7 @@ main(int argc, char *argv[]) my_exit(2); } - if (backup_type == none) { + if (!Vflag) { if ((v = getenv("PATCH_VERSION_CONTROL")) == NULL) v = getenv("VERSION_CONTROL"); if (v != NULL || !posix) @@ -641,6 +643,7 @@ get_some_switches(void) break; case 'V': backup_type = get_version(optarg); + Vflag = true; break; #ifdef DEBUGGING case 'x': @@ -677,8 +680,8 @@ usage(void) fprintf(stderr, "usage: patch [-bCcEeflNnRstuv] [-B backup-prefix] [-D symbol] [-d directory]\n" " [-F max-fuzz] [-i patchfile] [-o out-file] [-p strip-count]\n" -" [-r rej-name] [-V t | nil | never] [-x number] [-z backup-ext]\n" -" [--posix] [origfile [patchfile]]\n" +" [-r rej-name] [-V t | nil | never | none] [-x number]\n" +" [-z backup-ext] [--posix] [origfile [patchfile]]\n" " patch @@ -408,6 +408,17 @@ struct capabilities { int8_t policy; /* Open Policy, RFC 9234, 2 = enforce */ }; +enum capa_codes { + CAPA_NONE = 0, + CAPA_MP = 1, + CAPA_REFRESH = 2, + CAPA_ROLE = 9, + CAPA_RESTART = 64, + CAPA_AS4BYTE = 65, + CAPA_ADD_PATH = 69, + CAPA_ENHANCED_RR = 70, +}; + /* flags for RFC 4724 - graceful restart */ #define CAPA_GR_PRESENT 0x01 #define CAPA_GR_RESTART 0x02 @@ -1534,6 +1545,7 @@ int trie_equal(struct trie_head *, struct trie_head *); time_t getmonotime(void); /* util.c */ +char *ibuf_get_string(struct ibuf *, size_t); const char *log_addr(const struct bgpd_addr *); const char *log_in6addr(const struct in6_addr *); const char *log_sockaddr(struct sockaddr *, socklen_t); @@ -1546,6 +1558,7 @@ const char *log_roa(struct roa *); const char *log_aspa(struct aspa_set *); const char *log_rtr_error(enum rtr_error); const char *log_policy(enum role); +const char *log_capability(uint8_t); int aspath_asprint(char **, struct ibuf *); uint32_t aspath_extract(const void *, int); int aspath_verify(struct ibuf *, int, int); diff --git a/usr.sbin/bgpd/logmsg.c b/usr.sbin/bgpd/logmsg.c index dfa89f239..91b3eb71d 100644 --- a/usr.sbin/bgpd/logmsg.c +++ b/usr.sbin/bgpd/logmsg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: logmsg.c,v 1.11 2024/01/16 13:15:31 claudio Exp $ */ +/* $OpenBSD: logmsg.c,v 1.13 2024/03/22 15:41:34 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -133,12 +133,18 @@ log_statechange(struct peer *peer, enum session_state nstate, void log_notification(const struct peer *peer, uint8_t errcode, uint8_t subcode, - struct ibuf *data, const char *dir) + const struct ibuf *data, const char *dir) { + struct ibuf ibuf; char *p; const char *suberrname = NULL; int uk = 0; + if (data != NULL) + ibuf_from_ibuf(&ibuf, data); + else + ibuf_from_buffer(&ibuf, NULL, 0); + p = log_fmt_peer(&peer->conf); switch (errcode) { case ERR_HEADER: @@ -154,6 +160,18 @@ log_notification(const struct peer *peer, uint8_t errcode, uint8_t subcode, uk = 1; else suberrname = suberr_open_names[subcode]; + if (errcode == ERR_OPEN && subcode == ERR_OPEN_CAPA) { + uint8_t capa_code; + + if (ibuf_get_n8(&ibuf, &capa_code) == -1) + break; + + logit(LOG_ERR, "%s: %s notification: %s, %s: %s", + p, dir, errnames[errcode], suberrname, + log_capability(capa_code)); + free(p); + return; + } break; case ERR_UPDATE: if (subcode >= sizeof(suberr_update_names) / sizeof(char *) || @@ -168,6 +186,24 @@ log_notification(const struct peer *peer, uint8_t errcode, uint8_t subcode, uk = 1; else suberrname = suberr_cease_names[subcode]; + + if (subcode == ERR_CEASE_ADMIN_DOWN || + subcode == ERR_CEASE_ADMIN_RESET) { + uint8_t len; + /* check if shutdown reason is included */ + if (ibuf_get_n8(&ibuf, &len) != -1 && len != 0) { + char *s; + if ((s = ibuf_get_string(&ibuf, len)) != NULL) { + logit(LOG_ERR, "%s: %s notification: " + "%s, %s: reason \"%s\"", p, dir, + errnames[errcode], suberrname, + log_reason(s)); + free(s); + free(p); + return; + } + } + } break; case ERR_HOLDTIMEREXPIRED: if (subcode != 0) diff --git a/usr.sbin/bgpd/rtr_proto.c b/usr.sbin/bgpd/rtr_proto.c index aec9ea310..7ceda7970 100644 --- a/usr.sbin/bgpd/rtr_proto.c +++ b/usr.sbin/bgpd/rtr_proto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rtr_proto.c,v 1.33 2024/01/23 15:59:56 claudio Exp $ */ +/* $OpenBSD: rtr_proto.c,v 1.34 2024/03/22 15:41:34 claudio Exp $ */ /* * Copyright (c) 2020 Claudio Jeker @@ -915,22 +915,6 @@ rtr_parse_cache_reset(struct rtr_session *rs, struct ibuf *pdu) return -1; } -static char * -ibuf_get_string(struct ibuf *buf, size_t len) -{ - char *str; - - if (ibuf_size(buf) < len) { - errno = EBADMSG; - return (NULL); - } - str = strndup(ibuf_data(buf), len); - if (str == NULL) - return (NULL); - ibuf_skip(buf, len); - return (str); -} - /* * Parse an Error Response message. This function behaves a bit different * from other parse functions since on error the connection needs to be diff --git a/usr.sbin/bgpd/session.c b/usr.sbin/bgpd/session.c index 3aeec7767..da3d0311c 100644 --- a/usr.sbin/bgpd/session.c +++ b/usr.sbin/bgpd/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.464 2024/03/20 09:35:46 claudio Exp $ */ +/* $OpenBSD: session.c,v 1.466 2024/03/22 15:41:34 claudio Exp $ */ /* * Copyright (c) 2003, 2004, 2005 Henning Brauer @@ -2479,11 +2479,8 @@ parse_notification(struct peer *peer) struct ibuf ibuf; u_char *p; uint16_t datalen; - uint8_t errcode; - uint8_t subcode; - uint8_t capa_code; - uint8_t capa_len; - size_t reason_len; + uint8_t errcode, subcode; + uint8_t reason_len; /* just log */ p = peer->rbuf->rptr; @@ -2495,109 +2492,33 @@ parse_notification(struct peer *peer) p += MSGSIZE_HEADER; /* header is already checked */ datalen -= MSGSIZE_HEADER; - memcpy(&errcode, p, sizeof(errcode)); - p += sizeof(errcode); - datalen -= sizeof(errcode); - - memcpy(&subcode, p, sizeof(subcode)); - p += sizeof(subcode); - datalen -= sizeof(subcode); - /* XXX */ ibuf_from_buffer(&ibuf, p, datalen); - log_notification(peer, errcode, subcode, &ibuf, "received"); + + if (ibuf_get_n8(&ibuf, &errcode) == -1 || + ibuf_get_n8(&ibuf, &subcode) == -1) { + log_peer_warnx(&peer->conf, "received bad notification"); + return (-1); + } peer->errcnt++; peer->stats.last_rcvd_errcode = errcode; peer->stats.last_rcvd_suberr = subcode; - if (errcode == ERR_OPEN && subcode == ERR_OPEN_CAPA) { - if (datalen == 0) { /* zebra likes to send those.. humbug */ - log_peer_warnx(&peer->conf, "received \"unsupported " - "capability\" notification without data part, " - "disabling capability announcements altogether"); - session_capa_ann_none(peer); - } + log_notification(peer, errcode, subcode, &ibuf, "received"); - while (datalen > 0) { - if (datalen < 2) { + CTASSERT(sizeof(peer->stats.last_reason) > UINT8_MAX); + memset(peer->stats.last_reason, 0, sizeof(peer->stats.last_reason)); + if (errcode == ERR_CEASE && + (subcode == ERR_CEASE_ADMIN_DOWN || + subcode == ERR_CEASE_ADMIN_RESET)) { + /* check if shutdown reason is included */ + if (ibuf_get_n8(&ibuf, &reason_len) != -1 && reason_len != 0) { + if (ibuf_get(&ibuf, peer->stats.last_reason, + reason_len) == -1) log_peer_warnx(&peer->conf, - "parse_notification: " - "expect len >= 2, len is %u", datalen); - return (-1); - } - memcpy(&capa_code, p, sizeof(capa_code)); - p += sizeof(capa_code); - datalen -= sizeof(capa_code); - memcpy(&capa_len, p, sizeof(capa_len)); - p += sizeof(capa_len); - datalen -= sizeof(capa_len); - if (datalen < capa_len) { - log_peer_warnx(&peer->conf, - "parse_notification: capa_len %u exceeds " - "remaining msg length %u", capa_len, - datalen); - return (-1); - } - p += capa_len; - datalen -= capa_len; - switch (capa_code) { - case CAPA_MP: - memset(peer->capa.ann.mp, 0, - sizeof(peer->capa.ann.mp)); - log_peer_warnx(&peer->conf, - "disabling multiprotocol capability"); - break; - case CAPA_REFRESH: - peer->capa.ann.refresh = 0; - log_peer_warnx(&peer->conf, - "disabling route refresh capability"); - break; - case CAPA_ROLE: - if (peer->capa.ann.policy == 1) { - peer->capa.ann.policy = 0; - log_peer_warnx(&peer->conf, - "disabling role capability"); - } else { - log_peer_warnx(&peer->conf, - "role capability enforced, " - "not disabling"); - } - break; - case CAPA_RESTART: - peer->capa.ann.grestart.restart = 0; - log_peer_warnx(&peer->conf, - "disabling restart capability"); - break; - case CAPA_AS4BYTE: - peer->capa.ann.as4byte = 0; - log_peer_warnx(&peer->conf, - "disabling 4-byte AS num capability"); - break; - case CAPA_ADD_PATH: - memset(peer->capa.ann.add_path, 0, - sizeof(peer->capa.ann.add_path)); - log_peer_warnx(&peer->conf, - "disabling ADD-PATH capability"); - break; - case CAPA_ENHANCED_RR: - peer->capa.ann.enhanced_rr = 0; - log_peer_warnx(&peer->conf, - "disabling enhanced route refresh " - "capability"); - break; - default: /* should not happen... */ - log_peer_warnx(&peer->conf, "received " - "\"unsupported capability\" notification " - "for unknown capability %u, disabling " - "capability announcements altogether", - capa_code); - session_capa_ann_none(peer); - break; - } + "received truncated shutdown reason"); } - - return (1); } if (errcode == ERR_OPEN && subcode == ERR_OPEN_OPT) { @@ -2605,32 +2526,6 @@ parse_notification(struct peer *peer) return (1); } - if (errcode == ERR_CEASE && - (subcode == ERR_CEASE_ADMIN_DOWN || - subcode == ERR_CEASE_ADMIN_RESET)) { - if (datalen > 1) { - reason_len = *p++; - datalen--; - if (datalen < reason_len) { - log_peer_warnx(&peer->conf, - "received truncated shutdown reason"); - return (0); - } - if (reason_len > REASON_LEN - 1) { - log_peer_warnx(&peer->conf, - "received overly long shutdown reason"); - return (0); - } - memcpy(peer->stats.last_reason, p, reason_len); - peer->stats.last_reason[reason_len] = '\0'; - log_peer_warnx(&peer->conf, - "received shutdown reason: \"%s\"", - log_reason(peer->stats.last_reason)); - p += reason_len; - datalen -= reason_len; - } - } - return (0); } diff --git a/usr.sbin/bgpd/session.h b/usr.sbin/bgpd/session.h index 13cbd92d7..1f459b79d 100644 --- a/usr.sbin/bgpd/session.h +++ b/usr.sbin/bgpd/session.h @@ -1,4 +1,4 @@ -/* $OpenBSD: session.h,v 1.167 2024/01/16 13:15:31 claudio Exp $ */ +/* $OpenBSD: session.h,v 1.168 2024/03/22 07:19:28 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -106,17 +106,6 @@ enum opt_params { OPT_PARAM_EXT_LEN=255, }; -enum capa_codes { - CAPA_NONE = 0, - CAPA_MP = 1, - CAPA_REFRESH = 2, - CAPA_ROLE = 9, - CAPA_RESTART = 64, - CAPA_AS4BYTE = 65, - CAPA_ADD_PATH = 69, - CAPA_ENHANCED_RR = 70, -}; - struct bgp_msg { struct ibuf *buf; enum msg_type type; @@ -273,7 +262,7 @@ char *log_fmt_peer(const struct peer_config *); void log_statechange(struct peer *, enum session_state, enum session_events); void log_notification(const struct peer *, uint8_t, uint8_t, - struct ibuf *, const char *); + const struct ibuf *, const char *); void log_conn_attempt(const struct peer *, struct sockaddr *, socklen_t); diff --git a/usr.sbin/bgpd/util.c b/usr.sbin/bgpd/util.c index db4f5e757..44513b929 100644 --- a/usr.sbin/bgpd/util.c +++ b/usr.sbin/bgpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.83 2024/03/20 09:35:46 claudio Exp $ */ +/* $OpenBSD: util.c,v 1.85 2024/03/22 15:41:34 claudio Exp $ */ /* * Copyright (c) 2006 Claudio Jeker @@ -32,6 +32,22 @@ #include "rde.h" #include "log.h" +char * +ibuf_get_string(struct ibuf *buf, size_t len) +{ + char *str; + + if (ibuf_size(buf) < len) { + errno = EBADMSG; + return (NULL); + } + str = strndup(ibuf_data(buf), len); + if (str == NULL) + return (NULL); + ibuf_skip(buf, len); + return (str); +} + const char * log_addr(const struct bgpd_addr *addr) { @@ -309,6 +325,32 @@ log_policy(enum role role) } } +const char * +log_capability(uint8_t capa) +{ + static char buf[20]; + + switch (capa) { + case CAPA_MP: + return "Multiprotocol Extensions"; + case CAPA_REFRESH: + return "Route Refresh"; + case CAPA_ROLE: + return "BGP Role"; + case CAPA_RESTART: + return "Graceful Restart"; + case CAPA_AS4BYTE: + return "4-octet AS number"; + case CAPA_ADD_PATH: + return "ADD-PATH"; + case CAPA_ENHANCED_RR: + return "Enhanced Route Refresh"; + default: + snprintf(buf, sizeof(buf), "unknown %u", capa); + return buf; + } +} + static const char * aspath_delim(uint8_t seg_type, int closing) { diff --git a/usr.sbin/lpd/control.c b/usr.sbin/lpd/control.c index 1904327a0..fb6e0fac6 100644 --- a/usr.sbin/lpd/control.c +++ b/usr.sbin/lpd/control.c @@ -1,4 +1,4 @@ -/* $OpenBSD: control.c,v 1.2 2022/12/28 21:30:17 jmc Exp $ */ +/* $OpenBSD: control.c,v 1.3 2024/03/22 19:14:28 bluhm Exp $ */ /* * Copyright (c) 2017 Eric Faurot @@ -25,6 +25,7 @@ #include #include #include +#include #include #include #include @@ -71,14 +72,16 @@ control(int debug, int verbose) if ((pw = getpwnam(LPD_USER)) == NULL) fatalx("unknown user " LPD_USER); + if (chroot(_PATH_VAREMPTY) == -1) + fatal("%s: chroot", __func__); + if (chdir("/") == -1) + fatal("%s: chdir", __func__); + if (setgroups(1, &pw->pw_gid) || setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) fatal("cannot drop privileges"); - if (chroot(pw->pw_dir) == 1) - fatal("%s: chroot", __func__); - if (pledge("stdio unix recvfd sendfd", NULL) == -1) fatal("%s: pledge", __func__); diff --git a/usr.sbin/rpki-client/cert.c b/usr.sbin/rpki-client/cert.c index 309ac438e..b5fbf3d56 100644 --- a/usr.sbin/rpki-client/cert.c +++ b/usr.sbin/rpki-client/cert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cert.c,v 1.128 2024/03/19 05:04:13 tb Exp $ */ +/* $OpenBSD: cert.c,v 1.129 2024/03/22 03:38:12 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2021 Job Snijders @@ -524,15 +524,15 @@ sbgp_sia(const char *fn, struct cert *cert, X509_EXTENSION *ext) if (OBJ_cmp(oid, carepo_oid) == 0) { if (!x509_location(fn, "SIA: caRepository", - "rsync://", ad->location, &cert->repo)) + RSYNC_PROTO, ad->location, &cert->repo)) goto out; } else if (OBJ_cmp(oid, manifest_oid) == 0) { if (!x509_location(fn, "SIA: rpkiManifest", - "rsync://", ad->location, &cert->mft)) + RSYNC_PROTO, ad->location, &cert->mft)) goto out; } else if (OBJ_cmp(oid, notify_oid) == 0) { if (!x509_location(fn, "SIA: rpkiNotify", - "https://", ad->location, &cert->notify)) + HTTPS_PROTO, ad->location, &cert->notify)) goto out; } } diff --git a/usr.sbin/rpki-client/extern.h b/usr.sbin/rpki-client/extern.h index 142c26e52..d89c352e4 100644 --- a/usr.sbin/rpki-client/extern.h +++ b/usr.sbin/rpki-client/extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: extern.h,v 1.212 2024/03/19 05:04:13 tb Exp $ */ +/* $OpenBSD: extern.h,v 1.213 2024/03/22 03:38:12 job Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * @@ -1015,4 +1015,11 @@ int mkpathat(int, const char *); /* Maximum number of delegated hosting locations (repositories) for each TAL. */ #define MAX_REPO_PER_TAL 1000 +#define HTTP_PROTO "http://" +#define HTTP_PROTO_LEN (sizeof(HTTP_PROTO) - 1) +#define HTTPS_PROTO "https://" +#define HTTPS_PROTO_LEN (sizeof(HTTPS_PROTO) - 1) +#define RSYNC_PROTO "rsync://" +#define RSYNC_PROTO_LEN (sizeof(RSYNC_PROTO) - 1) + #endif /* ! EXTERN_H */ diff --git a/usr.sbin/rpki-client/filemode.c b/usr.sbin/rpki-client/filemode.c index 90f20bf74..cd4baade1 100644 --- a/usr.sbin/rpki-client/filemode.c +++ b/usr.sbin/rpki-client/filemode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: filemode.c,v 1.39 2024/03/19 05:04:13 tb Exp $ */ +/* $OpenBSD: filemode.c,v 1.40 2024/03/22 03:38:12 job Exp $ */ /* * Copyright (c) 2019 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -62,11 +62,11 @@ parse_load_crl(char *uri) if (uri == NULL) return; - if (strncmp(uri, "rsync://", strlen("rsync://")) != 0) { + if (strncmp(uri, RSYNC_PROTO, RSYNC_PROTO_LEN) != 0) { warnx("bad CRL distribution point URI %s", uri); return; } - uri += strlen("rsync://"); + uri += RSYNC_PROTO_LEN; f = load_file(uri, &flen); if (f == NULL) { @@ -97,11 +97,11 @@ parse_load_cert(char *uri) if (uri == NULL) return NULL; - if (strncmp(uri, "rsync://", strlen("rsync://")) != 0) { + if (strncmp(uri, RSYNC_PROTO, RSYNC_PROTO_LEN) != 0) { warnx("bad authority information access URI %s", uri); return NULL; } - uri += strlen("rsync://"); + uri += RSYNC_PROTO_LEN; f = load_file(uri, &flen); if (f == NULL) { @@ -318,8 +318,8 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) printf("--\n"); } - if (strncmp(file, "rsync://", strlen("rsync://")) == 0) { - file += strlen("rsync://"); + if (strncmp(file, RSYNC_PROTO, RSYNC_PROTO_LEN) == 0) { + file += RSYNC_PROTO_LEN; buf = load_file(file, &len); if (buf == NULL) { warn("parse file %s", file); diff --git a/usr.sbin/rpki-client/http.c b/usr.sbin/rpki-client/http.c index 2d76f67d9..c066ef075 100644 --- a/usr.sbin/rpki-client/http.c +++ b/usr.sbin/rpki-client/http.c @@ -1,4 +1,4 @@ -/* $OpenBSD: http.c,v 1.81 2024/03/12 16:02:30 job Exp $ */ +/* $OpenBSD: http.c,v 1.82 2024/03/22 03:38:12 job Exp $ */ /* * Copyright (c) 2020 Nils Fisher * Copyright (c) 2020 Claudio Jeker @@ -412,7 +412,7 @@ proxy_parse_uri(char *uri) if (uri == NULL) return; - if (strncasecmp(uri, "http://", 7) != 0) + if (strncasecmp(uri, HTTP_PROTO, HTTP_PROTO_LEN) != 0) errx(1, "%s: http_proxy not using http schema", http_info(uri)); host = uri + 7; @@ -479,7 +479,7 @@ http_parse_uri(char *uri, char **ohost, char **oport, char **opath) char *host, *port = NULL, *path; char *hosttail; - if (strncasecmp(uri, "https://", 8) != 0) { + if (strncasecmp(uri, HTTPS_PROTO, HTTPS_PROTO_LEN) != 0) { warnx("%s: not using https schema", http_info(uri)); return -1; } diff --git a/usr.sbin/rpki-client/main.c b/usr.sbin/rpki-client/main.c index f962d8174..a13faa83d 100644 --- a/usr.sbin/rpki-client/main.c +++ b/usr.sbin/rpki-client/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.254 2024/03/01 09:36:55 job Exp $ */ +/* $OpenBSD: main.c,v 1.255 2024/03/22 03:38:12 job Exp $ */ /* * Copyright (c) 2021 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -433,7 +433,7 @@ queue_add_file(const char *file, enum rtype type, int talid) char *nfile; size_t len = 0; - if (!filemode || strncmp(file, "rsync://", strlen("rsync://")) != 0) { + if (!filemode || strncmp(file, RSYNC_PROTO, RSYNC_PROTO_LEN) != 0) { buf = load_file(file, &len); if (buf == NULL) err(1, "%s", file); @@ -494,7 +494,7 @@ queue_add_from_cert(const struct cert *cert) size_t repourisz; int shortlisted = 0; - if (strncmp(cert->repo, "rsync://", 8) != 0) + if (strncmp(cert->repo, RSYNC_PROTO, RSYNC_PROTO_LEN) != 0) errx(1, "unexpected protocol"); host = cert->repo + 8; diff --git a/usr.sbin/rpki-client/repo.c b/usr.sbin/rpki-client/repo.c index 77967f4ac..1b7fa5744 100644 --- a/usr.sbin/rpki-client/repo.c +++ b/usr.sbin/rpki-client/repo.c @@ -1,4 +1,4 @@ -/* $OpenBSD: repo.c,v 1.54 2024/02/26 15:40:33 job Exp $ */ +/* $OpenBSD: repo.c,v 1.55 2024/03/22 03:38:12 job Exp $ */ /* * Copyright (c) 2021 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -338,7 +338,7 @@ ta_fetch(struct tarepo *tr) if (!rrdpon) { for (; tr->uriidx < tr->urisz; tr->uriidx++) { if (strncasecmp(tr->uri[tr->uriidx], - "rsync://", 8) == 0) + RSYNC_PROTO, RSYNC_PROTO_LEN) == 0) break; } } @@ -353,7 +353,8 @@ ta_fetch(struct tarepo *tr) logx("ta/%s: pulling from %s", tr->descr, tr->uri[tr->uriidx]); - if (strncasecmp(tr->uri[tr->uriidx], "rsync://", 8) == 0) { + if (strncasecmp(tr->uri[tr->uriidx], RSYNC_PROTO, + RSYNC_PROTO_LEN) == 0) { /* * Create destination location. * Build up the tree to this point. @@ -499,9 +500,9 @@ rrdp_filename(const struct rrdprepo *rr, const char *uri, int valid) char *nfile; const char *dir = rr->basedir; - if (!valid_uri(uri, strlen(uri), "rsync://")) + if (!valid_uri(uri, strlen(uri), RSYNC_PROTO)) errx(1, "%s: bad URI %s", rr->basedir, uri); - uri += strlen("rsync://"); /* skip proto */ + uri += RSYNC_PROTO_LEN; /* skip proto */ if (valid) { if ((nfile = strdup(uri)) == NULL) err(1, NULL); @@ -1301,7 +1302,8 @@ repo_proto(const struct repo *rp) if (rp->ta != NULL) { const struct tarepo *tr = rp->ta; if (tr->uriidx < tr->urisz && - strncasecmp(tr->uri[tr->uriidx], "rsync://", 8) == 0) + strncasecmp(tr->uri[tr->uriidx], RSYNC_PROTO, + RSYNC_PROTO_LEN) == 0) return "rsync"; else return "https"; diff --git a/usr.sbin/rpki-client/rrdp_delta.c b/usr.sbin/rpki-client/rrdp_delta.c index a4303bc45..7b38669ad 100644 --- a/usr.sbin/rpki-client/rrdp_delta.c +++ b/usr.sbin/rpki-client/rrdp_delta.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rrdp_delta.c,v 1.12 2023/12/27 07:17:39 tb Exp $ */ +/* $OpenBSD: rrdp_delta.c,v 1.13 2024/03/22 03:38:12 job Exp $ */ /* * Copyright (c) 2020 Nils Fisher * Copyright (c) 2021 Claudio Jeker @@ -124,7 +124,7 @@ start_publish_withdraw_elem(struct delta_xml *dxml, const char **attr, for (i = 0; attr[i]; i += 2) { if (strcmp("uri", attr[i]) == 0 && hasUri++ == 0) { if (valid_uri(attr[i + 1], strlen(attr[i + 1]), - "rsync://")) { + RSYNC_PROTO)) { uri = xstrdup(attr[i + 1]); continue; } diff --git a/usr.sbin/rpki-client/rrdp_notification.c b/usr.sbin/rpki-client/rrdp_notification.c index 4c5585a9c..310ba99ad 100644 --- a/usr.sbin/rpki-client/rrdp_notification.c +++ b/usr.sbin/rpki-client/rrdp_notification.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rrdp_notification.c,v 1.19 2023/12/27 07:17:39 tb Exp $ */ +/* $OpenBSD: rrdp_notification.c,v 1.20 2024/03/22 03:38:12 job Exp $ */ /* * Copyright (c) 2020 Nils Fisher * Copyright (c) 2021 Claudio Jeker @@ -228,7 +228,7 @@ start_snapshot_elem(struct notification_xml *nxml, const char **attr) for (i = 0; attr[i]; i += 2) { if (strcmp("uri", attr[i]) == 0 && hasUri++ == 0) { if (valid_uri(attr[i + 1], strlen(attr[i + 1]), - "https://") && + HTTPS_PROTO) && valid_origin(attr[i + 1], nxml->notifyuri)) { nxml->snapshot_uri = xstrdup(attr[i + 1]); continue; @@ -274,7 +274,7 @@ start_delta_elem(struct notification_xml *nxml, const char **attr) for (i = 0; attr[i]; i += 2) { if (strcmp("uri", attr[i]) == 0 && hasUri++ == 0) { if (valid_uri(attr[i + 1], strlen(attr[i + 1]), - "https://") && + HTTPS_PROTO) && valid_origin(attr[i + 1], nxml->notifyuri)) { delta_uri = attr[i + 1]; continue; diff --git a/usr.sbin/rpki-client/rrdp_snapshot.c b/usr.sbin/rpki-client/rrdp_snapshot.c index 3aa3855ad..47c4380fd 100644 --- a/usr.sbin/rpki-client/rrdp_snapshot.c +++ b/usr.sbin/rpki-client/rrdp_snapshot.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rrdp_snapshot.c,v 1.8 2023/12/27 07:17:39 tb Exp $ */ +/* $OpenBSD: rrdp_snapshot.c,v 1.9 2024/03/22 03:38:12 job Exp $ */ /* * Copyright (c) 2020 Nils Fisher * Copyright (c) 2021 Claudio Jeker @@ -119,7 +119,7 @@ start_publish_elem(struct snapshot_xml *sxml, const char **attr) for (i = 0; attr[i]; i += 2) { if (strcmp("uri", attr[i]) == 0 && hasUri++ == 0) { if (valid_uri(attr[i + 1], strlen(attr[i + 1]), - "rsync://")) { + RSYNC_PROTO)) { uri = xstrdup(attr[i + 1]); continue; } diff --git a/usr.sbin/rpki-client/rsync.c b/usr.sbin/rpki-client/rsync.c index ca838e08f..33fe81541 100644 --- a/usr.sbin/rpki-client/rsync.c +++ b/usr.sbin/rpki-client/rsync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsync.c,v 1.49 2024/02/26 20:37:27 job Exp $ */ +/* $OpenBSD: rsync.c,v 1.50 2024/03/22 03:38:12 job Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * @@ -65,7 +65,7 @@ rsync_base_uri(const char *uri) char *base_uri; /* Case-insensitive rsync URI. */ - if (strncasecmp(uri, "rsync://", 8) != 0) { + if (strncasecmp(uri, RSYNC_PROTO, RSYNC_PROTO_LEN) != 0) { warnx("%s: not using rsync schema", uri); return NULL; } diff --git a/usr.sbin/rpki-client/tal.c b/usr.sbin/rpki-client/tal.c index a1af4a70d..d8f475c1a 100644 --- a/usr.sbin/rpki-client/tal.c +++ b/usr.sbin/rpki-client/tal.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tal.c,v 1.39 2023/06/29 10:28:25 tb Exp $ */ +/* $OpenBSD: tal.c,v 1.40 2024/03/22 03:38:12 job Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * @@ -84,8 +84,8 @@ tal_parse_buffer(const char *fn, char *buf, size_t len) goto out; } /* Check that the URI is sensible */ - if (!(strncasecmp(line, "https://", 8) == 0 || - strncasecmp(line, "rsync://", 8) == 0)) { + if (!(strncasecmp(line, HTTPS_PROTO, HTTPS_PROTO_LEN) == 0 || + strncasecmp(line, RSYNC_PROTO, RSYNC_PROTO_LEN) == 0)) { warnx("%s: unsupported URL schema: %s", fn, line); goto out; } diff --git a/usr.sbin/rpki-client/x509.c b/usr.sbin/rpki-client/x509.c index 962cd829d..a2257ccf9 100644 --- a/usr.sbin/rpki-client/x509.c +++ b/usr.sbin/rpki-client/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.83 2024/03/20 04:36:30 job Exp $ */ +/* $OpenBSD: x509.c,v 1.84 2024/03/22 03:38:12 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2021 Claudio Jeker @@ -535,8 +535,8 @@ x509_get_sia(X509 *x, const char *fn, char **sia) if (rsync_found) continue; - if (strncasecmp(*sia, "rsync://", 8) == 0) { - const char *p = *sia + strlen("rsync://"); + if (strncasecmp(*sia, RSYNC_PROTO, RSYNC_PROTO_LEN) == 0) { + const char *p = *sia + RSYNC_PROTO_LEN; size_t fnlen, plen; rsync_found = 1; @@ -773,7 +773,7 @@ x509_get_crl(X509 *x, const char *fn, char **crl) crl)) goto out; - if (strncasecmp(*crl, "rsync://", 8) == 0) { + if (strncasecmp(*crl, RSYNC_PROTO, RSYNC_PROTO_LEN) == 0) { rsync_found = 1; goto out; }