Ingore packages with invalid prefixlen.
Rouge router advertisements with a prefixlen > 128 would make slaacd
exit with a fatal error, leading to a denial of service.
The same issue exists in dhcp6leased where a rouge prefix delegation
would make dhcp6leased exit with a fatal error, leading to a denial of
service.
Pointed out by Ivan of Quarkslab.
input & OK deraadt
Add support for external account binding. If we're creating a new account
with the ACME CA, and we have an EAB key and key ID specified with the new
-e command line argument, compute the required hash of the account details
and include it in the new account request.
feedback from florian@ and tb@
tested against security/pebble and Digicert by me, and against Actalis by
rroadrrunner at proton dot me.
ok florian@ tb@
Attach ksmn(4) on 19h/1x devices
Tested on:
cpu0: AMD EPYC 9354P 32-Core Processor, 3250.01 MHz, 19-11-01, patch 0a101154
and fix the assertion ksmn_ccd_attach to allow for devices with 12 CCDs.
ok brynet@ claudio@
Replace assert() with a graceful failure by aborting the http request.
An overlong HTTP line can fill the receive buffer to its max but then
http_get_line() would still return NULL trying to read more data.
Since the buffer is full the assert would trigger. Now the http request
is terminated.
Reported by Frank Denis
OK tb@
For bgpctl show mrt detail print the last change time as an ISO format time.
If abs_time is set then switch fmt_monotime() to absolute timestamps.
This uses monotime_to_time, gmtime and strftime("%FT%TZ") to get an
ISO format timestamp string.
While there also adjust get_rel_monotime() to be more like
monotime_to_time() and stop treating negative numbers as error.
In fmt_monotime() check the monotime against 0 to print 'Never' for timers
that are not running.
With this bgpctl show mrt detail prints:
Last update: 2019-05-08T20:03:06Z
OK tb@
rfc3779 test: exercise IPAddressFamily_cmp a bit more
This populates an IPAddrBlocks object with not all that sensible data and
tests behavior of serialization and deserialization of this thing. Prior
to x509_addr.c rev 1.96 this would call memcmp() on NULL.
Implement a better fix. The previous fix allowed to overflow in a
different spot. This would still only lead to a crash, and would only be
reachable by arbitrary users if the admin enabled the agentx socket, and
set custom permissions.
OK deraadt@, mvs@
mention that compression could potentially leak information about session
contents (cf. the CRIME attack on TLS) if a connection allows attacker-
controlled traffic over it alongside trused traffic. This might occur
in some forwarding scenarios.
with deraadt@
In the vscsi_callback() handle ISCSI_SCSI_STAT_CHCK_COND more carefully.
Especially the embedded sense data needs to be extracted respecting the
real buffer length. Make sure at least 2 bytes are availabe for the lenght
and also check that the resulting len is not bigger then the buffer
itself.
Reported by Frank Denis
OK deraadt@
Introduce a force_update flag to force pend_prefix_add() calls
in adjout_prefix_update().
peer_dump() can be called with a preloaded Adj-RIB-Out and in that case
the code needs to force updates out. This is done instead of walking the
table twice -- once with peer_dump() and then with peer_blast().
Using the force_update flag there ensures that all entries are properly
sent to the peer.
OK tb@
sndiod: Allow control slots to have NULL opt pointer
This case is not encoutered yet, but to control non-audio properties
the control slots must work with no opt structure.
Adjust last commit, the loop termination was not quite correct.
Set pte to NULL before the inner pt_get loop so that the outer
loop terminates correctly on (!found && pte != NULL).
Since pte is NULL now plen needs to be set earlier as well.
OK tb@