relayd: reject obs-fold to prevent parser differentials (RFC 9112 5.2)
Replace silent kv_extend normalisation with an unconditional reject.
RFC 9112 5.2 permits rejection; it is safer than SP replacement
for a forwarding proxy and handles both request and response direction.
kv_extend is therefore no longer required.
Reported by Stuart Thomas, OK kirill@
httpd: reject obs-fold with 400 (RFC 9112 5.2)
Replace silent kv_extend normalisation with an unconditional 400.
RFC 9112 5.2 explicitly permits rejection; it is the safer choice
over SP replacement, which hides parser ambiguity downstream.
Reported by Stuart Thomas, OK kirill@
Set MT_HW_EMI_CTL_SLPPROT_EN on 7925 in mwx_attach and then do a
WF sys reset.
From kevlo@
VS: ----------------------------------------------------------------------
Fix roaming between APs with qwx(4).
Implement a custom bgscan_done() handler which waits for Tx queues to
drain and handles the AP switch properly by disassociating the device
from our old AP while we still have the old AP's MAC address available
in ic_bss.
Previously, the qwx_newstate task would run a firmware disassociation
sequence with the _new_ AP's MAC address before trying to associate.
The firmware didn't like this and we ran into errors such as:
qwx0: delete key 3 failed: error 58
qwx0: failed to delete peer vdev_id 0 addr xx:xx:xx:xx:xx:xx ret 58
qwx0: unable to delete BSS peer: 58
tested by ajacoutot@ and myself on amd64, and by phessler@ on arm64
ok phessler@, "it works great" ajacoutot@
always allow data frame interrupts in qwx(4) while the interface is UP
This helps with situations where we would fail to receive the initial
EAPOL frame during WPA handshakes with the AP, in particular when
roaming between APs.
tested by ajacoutot@ and myself on amd64, and by phessler@ on arm64
Delete __tmpfd(2) which is not used. There was no libc stub, so no
pinsyscalls table entry is ever created, so a pecululiar flaw in this
subsystem wasn't reachable.
ok millert kettenis
sys/uvideo: fix UVIDEO_FLAG_VENDOR_CLASS attach
UVIDEO_FLAG_VENDOR_CLASS has been broken since r1.147: attach selected
only UICLASS_VIDEO interfaces, even after match accepted a device whose
video control interface incorrectly reports UICLASS_VENDOR.
Restore the vendor class path in attach, and add the remaining Logitech
vendor class UVC devices listed by Linux for which usbdevs already has
product IDs.
Issue reported and tested by "requiem." on Logitech QuickCam Pro5000
OK: mglocker@
Improve checking of ELF notes. This adds checks for overflow when rounding
sizes up to be a multiple of the ELF word size and adds checks to prevent
out of bounds access.
Based on a report and diff from Andrew Griffiths.
ok jsg@, deraadt@
Default 'announce as-4byte' to 'enforce' for all peers
After close to 20 years of 4-byte AS support in bgpd it is time to enforce
it. The fall back code from 2-byte AS to 4-byte AS is non-trivial and
the RFC is way to optimistic and ignores many possible error conditions.
All relevant BGP implementations support 4-byte ASnums so it is a
misconfiguration to not use this by default. Most implementations do this
by default.
In the unlikely cases where 2-byte AS support is still needed one can
fall back to the previous default by using 'announce as-4byte yes'.
OK tb@ job@
Reimplement aspath_merge() in a more cynical fashion
Mergin AS4_PATH into ASPATH can be done a bit simpler by using the fact
that AS4_PATH must be a subset of ASPATH. The resulting path has the same
size and layout as the ASPATH. bgpd inflates the 2-byte ASPATH to 4-byte
representation early on so this simplifies the merge.
When mering the path be strict and any difference in the two paths triggers
a treat-as-withdraw error. Something is off so refuse to work with this path.
This is harsher than RFC 6793 but the concerns then no longer matter.
Use ibuf for all the buffers to have memory safety during this merge operation.
OK tb@
