OpenBSD/src 39zJlOI usr.sbin/httpd httpd.h config.c

   usr.sbin/httpd: inherit gzip-static in locations

   Location configuration inherited most server level options but dropped
   gzip-static, so requests matching a location skipped static gzip lookup
   even when the parent server enabled it.

   Add an explicit no gzip-static state and inherit the gzip flag pair only
   when the location has not set either form, preserving location specific
   overrides.

   Reported by and OK: job@
Version  Delta      File
1.170    +4 -3      usr.sbin/httpd/httpd.h
1.70     +5 -1      usr.sbin/httpd/config.c
1.132    +3 -1      usr.sbin/httpd/parse.y
         +12 -5     3 files

OpenBSD/src ZxBqRQP libexec/ld.so library.c library_mquery.c

   While technically allowed, shared libraries without PT_LOAD segments
   don't really make any sense.  Bail out early to avoid the bits of code
   that assume that we have a PT_LOAD segment.  This avoids a NULL pointer
   dereference on i386 (which uses library_mquery.c) or bogus mmap calls
   on other architectures (which use library.c).

   The potential NULL pointer dereference in library_mquery.c was found by
   Frank Denis.

   ok guenther@
Version  Delta      File
1.99     +15 -1     libexec/ld.so/library.c
1.78     +14 -1     libexec/ld.so/library_mquery.c
         +29 -2     2 files

OpenBSD/src Ug4NGZx sys/arch/riscv64/dev pci_machdep.c

   Initialize ih_intrpin for regular (non-vector) MSI interrupts as well.
   Fixes regular MSIs on the SpacemiT K1 SoC.

   ok jsg@
Version  Delta      File
1.3      +2 -1      sys/arch/riscv64/dev/pci_machdep.c
         +2 -1      1 files

OpenBSD/src cIKCHam usr.bin/openssl s_socket.c

   openssl s_socket: do not fail accept on reverse DNS lookup failure

   Found by Frank Denis
Version  Delta      File
1.15     +2 -9      usr.bin/openssl/s_socket.c
         +2 -9      1 files

OpenBSD/src bQgYvLm lib/libc/dlfcn init.c, lib/libc/gen elf_aux_info.c

   libc: declare _hwcap and related variables as hidden

   ok tb@ deraadt@
Version  Delta      File
1.2      +2 -5      lib/libc/gen/elf_aux_info.c
1.2      +6 -1      lib/libc/hidden/sys/auxv.h
1.25     +2 -1      lib/libc/dlfcn/init.c
         +10 -7     3 files

OpenBSD/src bAO6SNY usr.bin/mandoc main.c

   The regression fix in rev. 1.271 was still incomplete.

   While the fchdir(2) in main() is indeed needed such that the mparse_open()
   in process_onefile() finds local files, there is a second, smaller
   issue purely inside check_xr(): As the ultimate fallback, fs_search()
   looks for cross-referenced manual pages in the current directory,
   which is typically used for working on software under development
   that is not yet installed.  Consequently, a second fchdir(2) is needed
   inside check_xr() between mansearch(), which typically changes directory,
   and the subsequent fs_search().

   This makes sure that "mandoc -T lint" on a manual page that contains
   an .Xr link to another manual page that is not installed but present
   in the current directory does not complain about that link.
   Again reported by anton@.

   The fix is slightly awkward because the directory file descriptor
   needs to be passed down through multiple layers of subroutines, but I
   fear that cannot be helped because it is needed both in the main program
   and in the low-level function check_xr().
Version  Delta      File
1.272    +13 -11    usr.bin/mandoc/main.c
         +13 -11    1 files

OpenBSD/src k0zUXRP sys/arch/riscv64/include riscvreg.h, sys/arch/riscv64/riscv64 vector.c cpu.c

   Add kernel support for the vector extension on riscv64.

   The V extension (where supported) adds an additional 32 vector registers
   that are variable length (up to 65,536 bits, but more commonly 2048 bits).
   In order to support the use of the V extension (and additional vector
   extensions) we need to enable the vector extension and save/restore the
   vector registers.

   ok kettenis@
Version  Delta      File
1.1      +168 -0    sys/arch/riscv64/riscv64/vector.c
1.28     +22 -9     sys/arch/riscv64/riscv64/cpu.c
1.13     +22 -4     sys/arch/riscv64/riscv64/vm_machdep.c
1.43     +15 -8     sys/arch/riscv64/riscv64/machdep.c
1.6      +17 -1     sys/arch/riscv64/include/riscvreg.h
1.23     +9 -2      sys/arch/riscv64/riscv64/trap.c
         +253 -24   6 files not shown
         +284 -35   12 files

OpenBSD/src X8ai9I1 usr.bin/openssl crl.c

   openssl crl: make verify failure result in "app" failure

   Found by Frank Denis
Version  Delta      File
1.18     +5 -4      usr.bin/openssl/crl.c
         +5 -4      1 files

OpenBSD/src t0p5oYK usr.bin/openssl ecparam.c

   openssl ecparam: make EC_GROUP_check() failure result in "app" failure

   Found by Frank Denis
Version  Delta      File
1.26     +4 -3      usr.bin/openssl/ecparam.c
         +4 -3      1 files

OpenBSD/src 0pZhiLG usr.bin/openssl s_client.c

   openssl s_client: avoid two out of bounds writes

   A NUL termination after an unchecked BIO_read() call in XMSS mode could
   lead to a write one byte before the start of sbuf or one past its end.
   Add an error check to avoid the former and read one byte less to avoid the
   latter.

   Found by Frank Denis
Version  Delta      File
1.69     +4 -2      usr.bin/openssl/s_client.c
         +4 -2      1 files

OpenBSD/src FcPkcGe sys/dev/pci if_mwx.c if_mwxreg.h

   Simplify previous by shifting the rcpi value first then use a common mask.
   Also set ic_max_rssi = 0 since this driver will use DBm reporting.
Version  Delta      File
1.9      +6 -6      sys/dev/pci/if_mwx.c
1.6      +3 -6      sys/dev/pci/if_mwxreg.h
         +9 -12     2 files

OpenBSD/src Ze9aPy3 sys/dev/pci if_mwx.c if_mwxreg.h

   Implement RSSI reporting for mwx(4).

   Diff provided by Benjamin Lee McQueen (mcq at disroot.org)
Version  Delta      File
1.8      +48 -10    sys/dev/pci/if_mwx.c
1.5      +12 -1     sys/dev/pci/if_mwxreg.h
         +60 -11    2 files

OpenBSD/src bEdSI2X lib/libssl ssl_tlsext.c

   libssl: record extension lengths in ClientHello hashing

   The ClientHello hash is intended to ensure that the second CH after an HRR
   only makes the allowed changes to the TLS extensions by recording message
   type followed by the raw extension data if it must remain unchanged.
   This makes it possible (in principle) that part of free form extension
   data is confused with type (and length) information of a subsequent
   extension.

   Recording the length after the type prevents such a confusion and fixes
   the framing of the extensions.

   Found by Frank Denis

   ok jsing
Version  Delta      File
1.160    +4 -1      lib/libssl/ssl_tlsext.c
         +4 -1      1 files

OpenBSD/src ik8dUKa lib/libssl ssl_lib.c

   ssl_lib: trade two extra empty lines for a missing one
Version  Delta      File
1.334    +2 -4      lib/libssl/ssl_lib.c
         +2 -4      1 files

OpenBSD/src aOOketJ sys/dev/sun sunkbd.c

   unifdef call into removed sparc-only tctrl(4)
Version  Delta      File
1.29     +1 -16     sys/dev/sun/sunkbd.c
         +1 -16     1 files

OpenBSD/src vf2g3TJ lib/libcrypto/pkcs12 p12_npas.c

   PKCS#12: fix erroneous error check in PKCS12_newpass()

   This is an error I introduced in a refactoring two years ago in r1.20.
   This means that nothing uses this...

   From Frank Denis via logan
Version  Delta      File
1.29     +3 -3      lib/libcrypto/pkcs12/p12_npas.c
         +3 -3      1 files

OpenBSD/src 5uFYuYz sys/scsi cd.c sd.c

   remove unneeded ufs/ffs/fs.h includes

   added for BBSIZE and SBSIZE which are no longer used
Version  Delta      File
1.268    +1 -4      sys/scsi/cd.c
1.342    +1 -3      sys/scsi/sd.c
         +2 -7      2 files

OpenBSD/src 151piwY lib/libcrypto/sha sha256.c

   Use uint32_t instead of SHA_LONG in the SHA-256 code.

   This is more readable and we already have a compile time assert that they
   are the same size.

   ok tb@
Version  Delta      File
1.38     +22 -22    lib/libcrypto/sha/sha256.c
         +22 -22    1 files

OpenBSD/src jWrNEQw lib/libcrypto/sha sha256.c

   Use W rather than X for the SHA-256 message schedule.

   This more closely matches the SHA-256 specification in FIPS 180-4.

   ok tb@
Version  Delta      File
1.37     +83 -83    lib/libcrypto/sha/sha256.c
         +83 -83    1 files

OpenBSD/src qRkcT75 lib/libcrypto/sha sha256.c

   Use consistent variable names in the sha256 code.

   Use 'ctx' rather than 'c' for the SHA256_CTX and use data/len rather
   than d/n.

   ok kenjiro@ tb@
Version  Delta      File
1.36     +67 -67    lib/libcrypto/sha/sha256.c
         +67 -67    1 files

OpenBSD/src 8aTQrta lib/libcrypto/sha sha256.c

   Use crypto_add_u32dw_u64() to increment SHA-256 message bit counter.

   ok kenjiro@ tb@
Version  Delta      File
1.35     +3 -9      lib/libcrypto/sha/sha256.c
         +3 -9      1 files

OpenBSD/src vvEINHY lib/libcrypto/sha sha1_aarch64.c

   Correct argument type for SHA context.

   These are SHA_CTX not SHA256_CTX.
Version  Delta      File
1.2      +4 -4      lib/libcrypto/sha/sha1_aarch64.c
         +4 -4      1 files

OpenBSD/src 2IYHwqU lib/libcrypto/sha sha1_aarch64_ce.S sha1_amd64_shani.S

   Correct argument type in comments.
Version  Delta      File
1.9      +2 -2      lib/libcrypto/sha/sha1_aarch64_ce.S
1.8      +2 -2      lib/libcrypto/sha/sha1_amd64_shani.S
         +4 -4      2 files

OpenBSD/src bbXUFap sys/net if_rport.c if_tun.c

   remove unneeded mpls.h includes
Version  Delta      File
1.13     +1 -5      sys/net/if_rport.c
1.258    +1 -5      sys/net/if_tun.c
         +2 -10     2 files

OpenBSD/src gyRC9uR sys/dev/pci if_mwxreg.h

   MT_DMASHDL_SW_CONTROL is accessed via remapping.  Define it with
   the explicit address 0x7c026004 as Linux does to avoid confusion.

   While here, remove duplicate definitions of MT_PCIE_MAC_BASE and
   MT_PCIE_MAC_INT_ENABLE.

   ok claudio@
Version  Delta      File
1.4      +1 -4      sys/dev/pci/if_mwxreg.h
         +1 -4      1 files

OpenBSD/src prxJ2jA usr.bin/awk run.c

   split: allocate space for NUL terminator in CSV mode

   Found by Frank Denis
Version  Delta      File
1.90     +4 -2      usr.bin/awk/run.c
         +4 -2      1 files

OpenBSD/src zZPVUWy lib/libc/asr getrrsetbyname_async.c

   Avoid recursive cleanup in getrrsetbyname()

   Instead of freeing struct dns_query and struct dns_rr by walking the
   linked lists recursively, use a simple loop. This avoids a possible
   stack exhaustion unlikely to be reachable with the limits modern
   resolvers impose.

   From Dhiraj Mishra

   ok djm
Version  Delta      File
1.15     +14 -13    lib/libc/asr/getrrsetbyname_async.c
         +14 -13    1 files

OpenBSD/src mroSkez sys/net if_tun.c

   avoid leaking memory when mbuf chain allocations fail in tun_dev_write()

   the mbufs built by tun_dev_write used to be limited to a single
   mbuf and cluster, but has grown in complexity now that it supports
   tun_hdr and tso, which required building mbuf chains. some of the
   error handling when allocating mbuf bits wasn't adapted to free the
   preceding chain when later allocations failed, resulting in a memory
   leak.

   reported by frank denis
Version  Delta      File
1.257    +3 -3      sys/net/if_tun.c
         +3 -3      1 files

OpenBSD/src EC4DoVt usr.sbin/rpki-client ip.c

   rpki-client: fix ip_addr_check_overlap()

   There is an off-by-one in the ip_addr_check_overlap() logic which allows
   a newly added interval to overlap in a common end point with an interval
   already in the list. Disallow equality in the two memcmp to avoid this.

   This bug dates back to the initial import of rpki-client where malformed
   certificates would be accepted. In modern rpki-client, the impact of this
   has been minimal ever since we started requiring that libcrypto support
   the RFC 3779 extensions in early 2022 by disallowing unknown critical
   extensions (rpki-client 7.6):

   For certificates this duplicates a check in the X.509 verifier (where it
   is correct). For TA constraints we have a canonicalization procedure that
   ensures the absence of overlaps. For ROAs no such check can be made since
   standards historically haven't required that addresses are canonical and
   still don't. The only remaining use of this API is from rsc.c where the
   overlap condition is indeed a small problem.


    [3 lines not shown]
Version  Delta      File
1.40     +3 -3      usr.sbin/rpki-client/ip.c
         +3 -3      1 files

OpenBSD/src XmLxHob usr.sbin/rpki-client main.c

   rpki-client: fix shortlist and skiplist checks

   Ensure that each le->fqdn is fully matched. If the host in the SIA
   is short and matches a prefix of an FQDN in the shortlist or skiplist,
   the current checks in queue_add_from_cert() will incorrectly trigger.

   Compute the host length once and by checking it against the length of
   each le->fqdn ensure that it is an exact case sensitive match, rather
   than only a prefix.

   Found by Frank Denis

   ok claudio job
Version  Delta      File
1.306    +7 -4      usr.sbin/rpki-client/main.c
         +7 -4      1 files