rpki-client: rename INR extension handlers
These are the only two extension handlers having an sbgp_ prefix. Rename
them to cert_ipaddrblocks() and cert_asids() for consistency.
ok job (part of a larger diff)

More work to handle devices which don't have a copy of the STI ROM available
through one of the regular BARs, and have a shared decoder for BAR and ROM.
Such devices can't have their BAR accessed when the ROM is mapped. In this case,
we make a memory copy of the ROM contents and point the STI routines to it,
without leaving the ROM mapped.
This ought to be able to make the FireGL-UX work, but unfortunately it still
hangs the PCI bus when accessing the frame buffer memory at low addresses.
A good side effect of these changes, though, is that we no longer keep a
bus_space mapping on the PCI ROM after initial ROM grovelling. On systems
where the PDC firmware maps all PCI ROM at the same address (since only one
may be active at any time), this lets multiple STI PCI devices attach and
operate correctly, rather than only one attaching and the others complaining
about being unable to map the ROM, with errno being EAGAIN.

rpki-client: add compat for BIT STRING accessors
ASN.1 bit strings are DER encoded by zero-padding the bit string at the end
to a length divisible by eight. The number of padding bits ("unused bits"),
a number between 0 and 7, is stored in the first value octet, the remainder
of the value octets are formed by the zero-padded bit string.
Since asn1_string_st is opaque in OpenSSL 4, there need to be accessors for
length and unused bits, which is what is added here. The getter assumes the
ASN1_STRING_FLAG_BITS_LEFT flag is set on a bit string, which is always the
case for deserialized bit strings. I prefer not to elaborate on the madness
hiding here at this point in time...
LibreSSL will likely add these accessors to libcrypto in the ongoing cycle,
but we will need this compat code for OpenSSL and older LibreSSL anyway.
The code is not yet used in rpki-client. The conversions will be committed
soon.
ok claudio job
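
The DER layout described in the BIT STRING commit above, as an added example that is not rpki-client or libcrypto code: it parses the raw value octets (tag and length already removed), rejects malformed padding, and returns the bit count. The names bitstr_parse() and bitstr_nbits() and the sample bytes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Hypothetical helper (not rpki-client or libcrypto code): parse the value
 * octets of a DER BIT STRING, i.e. what follows the tag and length.
 * Returns 0 and fills in the outputs on success, -1 on malformed input.
 */
static int
bitstr_parse(const uint8_t *val, size_t val_len, const uint8_t **bits,
    size_t *bits_len, int *unused_bits)
{
	/* The first value octet, the unused bits count (0..7), is mandatory. */
	if (val == NULL || val_len < 1 || val[0] > 7)
		return -1;
	/* An empty bit string has nothing to pad. */
	if (val_len == 1 && val[0] != 0)
		return -1;
	/* DER requires the padding bits in the last octet to be zero. */
	if (val_len > 1 && (val[val_len - 1] & ((1u << val[0]) - 1)) != 0)
		return -1;
	*bits = val + 1;
	*bits_len = val_len - 1;
	*unused_bits = val[0];
	return 0;
}

/* Number of significant bits, or -1 if the encoding is rejected. */
static long
bitstr_nbits(const uint8_t *val, size_t val_len)
{
	const uint8_t *bits;
	size_t len;
	int unused;

	if (bitstr_parse(val, val_len, &bits, &len, &unused) == -1)
		return -1;
	return (long)(len * 8) - unused;
}

int
main(void)
{
	/* Constructed sample: the 10 bits 1010110011 plus 6 zero padding bits. */
	const uint8_t sample[] = { 0x06, 0xac, 0xc0 };
	printf("%ld bits\n", bitstr_nbits(sample, sizeof(sample)));
	return 0;
}
```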
Add support for line numbers in copy mode. A new copy-mode-line-numbers
option has the following modes: off, default (tmux's normal line
numbering where 0 is the top visible line), absolute (first line in
history is 1), relative (relative to the cursor) and hybrid (current
line is absolute, others relative). Also adds
copy-mode-line-number-style and copy-mode-current-line-number-style to
set the style of the line numbers. When copy mode is entered with the
mouse, line numbers stay off.
From Leo Henon in GitHub issue 5025.

In the rtr_reader_callback() make sure that the PDU length is not only
smaller than RTR_MAX_PDU_SIZE but also larger than sizeof(struct rtr_header).
Passing a too small value will trigger a fatal error later on which is
not great. Also switch the type of len to size_t, there is no need for
a signed value here.
OK tb@

Refactor dtls1_do_write_handshake_message().
If the call to dtls1_write_bytes() fails, handle the potential MTU update
and return/continue, which allows for the remainder to be moved out of an
else statement.
ok kenjiro@ tb@

bgpctl: add log.c for bgpctl
This provides log_{warn{,x},info,debug}() and fatal{,x}() implementations
that wrap the err.h API. They are API compatible with bgpd's log.h and will
help undo some contortions where we had to put log calls into weird spots
because of code sharing between bgpd and bgpctl.
ok claudio

Split dtls1_do_write() into handshake message and CCS handling.
dtls1_do_write() is currently a single function that handles both handshake
messages and CCS. This is a strange mix that only serves to complicate the
code - handshake messages have their own headers and may need to be
fragmented, while CCS must be sent verbatim (and only contain a single
byte). Pull the CCS part out into a separate function, simplifying the
code. By definition, when sending a CCS message the MTU will already be
set appropriately.
ok kenjiro@ tb@

Avoid unnecessary lookups in dtls1_retransmit_message().
dtls1_retransmit_buffered_messages() is iterating over the sent_messages
pqueue, only to pass dtls1_retransmit_message() a sequence number that it
turns back into a priority, to then do a lookup on the sent_messages pqueue.
This is pointless given that we already have the message that we need to
retransmit - just pass that to dtls1_retransmit_message() directly.
ok kenjiro@ tb@

Make dtls1_retransmit_message() static.
This function is only called from dtls1_retransmit_buffered_messages().
Make it static and move it above the caller.
ok kenjiro@ tb@

Inline dtls1_fix_message_header().
This is only used in one place and it makes no sense to have it as a
separate function. Furthermore, pull up an assertion so that we check
before assigning frag_len.
ok kenjiro@ tb@