Make sure replies contain the expected server-id.
We only speak to and expect an answer from a specific server when we
are requesting or renewing a lease. In all other case we accept an
answer from any server.
Pointed out by Clouditera Security.
OK tb
Check that the server selected ciphersuite is valid for use with TLSv1.2.
In the legacy stack, ensure that the server selected ciphersuite is valid
for use with TLSv1.2 - this effectively means that it is not a TLSv1.3
ciphersuite. We currently fail the handshake, but at a later stage.
Reported by Tom Gouville from the tlspuffin team.
ok tb@
Remove check for use of TLSv1.2 ciphersuites with TLSv1.1 and earlier.
We no longer negotiate any TLS version lower than TLSv1.2, so this is now
redundant.
ok tb@
Replace SHA-256 and SHA-512 implementations in libc.
Replace the existing SHA-256 and SHA-512 implementations in libc with
versions that leverage some of the recent code in libcrypto. The existing
API is retained, along with reuse of the existing SHA2_CTX definitions.
These versions use static inline functions instead of macros and spell
out the full variable rotations to follow the specification, rather than
trying to outsmart the compiler.
This also gives us a basis to provide per-architecture accelerated
implementations, based on those in libcrypto.
ok naddy@ tb@
Add modal panes, created currently with new-pane -O. There is one modal
pane per window and it must be a floating pane. These are intended to
replace popups. Currently a modal pane will unzoom a zoomed window and
rezoom it when it is closed (a bit like modes do), but this is planned
to change when we get an always-on-top flag.
rework the force_update logic in the adj-rib-out
On initial connect the system needs to sync the adj-rib-out of a peer with
the Loc-RIB. This happens via peer_dump() and in this case the system
needs to push out all updates (but can drop any withdraw).
To do this a force_update flag was introduced but actually it is better to
use the mode argument and introduce EVAL_SYNC for this case.
If mode == EVAL_SYNC adjout_prefix_update needs to force the update and
adjout_prefix_withdraw can drop the withdraw.
The other user of peer_dump() is during config reloads where the RIB of a
peer is altered. In that case the adj-rib-out is first flushed. Because of
this flush peer_dump can be used to push out all updates.
This also removes the NOTYET block in peer_generate_update() and
replaces it with inside up_generate_addpath_all() with a call
up_generate_addpath().
OK tb@
cnmac: Fix packet corruption with veb(4)
Account for VLAN header when setting IP packet offset for TCP/UDP
checksum offload on transmit. Otherwise cnmac(4) can corrupt packets
that are sent through veb(4).
Initial patch from Sergii Rudchenko.
ether_extract_headers() usage added by me.
OK kirill@
Fix an inversed if-condition in ieee80211_michael_mic_failure()
Make the check for 60 seconds since the most recent previous MIC failure
work as intended. The code was enabling TKIP countermeasures if 60 seconds
have passed since the previous MIC failure. The intention is to enable
countermeasures only if less than 60 seconds have passed.
LLMS got very excited about this, even though nobody is expected to be
running an access point with WPA1 enabled in 2026.
TKIP is disabled by default. We keep it around just in case we need to
connect to the world via a forgotten 802.11g era AP out in a desert.
rpki-client: only output config files on successful run
While the suggested cronjob is 'rpki-client -v && bgpctl reload' and thus
only reloads bgpd if rpki-client completes successfully, the output logic
creates a config file that might still be loaded by an operator by hand.
If an error occurred in one of the subprocesses, only output ometrics (if
requested) and do not generate bgpd, bird, csv, json, and ccr.
ok claudio job