a868b913gpr(4) goes away by
deraadt2019-12-13 21:03:57 +0000
9bf208a9The file passed to realpath(3) must exists, adjust man page to new behavior. noticed by hshoexer@; OK beck@ by
bluhm2019-12-11 20:01:50 +0000
1e573aa5- fix some Xr; from martin - minor tweaks while here by
jmc2019-12-05 21:45:05 +0000
582f3954some minor tweaks; by
jmc2019-12-04 19:01:49 +0000
6dcf7091I accidentally smashed wrong contents into this file. Repair from Martin @ academicsolutions.ch by
deraadt2019-12-04 18:28:38 +0000
019832a5Insert missing && by
job2019-12-04 15:07:51 +0000
0a3f2e76Attempt to smear out stampedes on the RPKI rsync servers by
job2019-12-04 14:49:19 +0000
665b6e69sync names by
deraadt2019-12-02 02:45:18 +0000
2c19103egrow i386 cd ramdisk a little bit by
deraadt2019-12-01 05:16:40 +0000
c5cbd5ffTweak rpki-client to create all 4 output file formats from a single compute, based upon flags. OpenBGPD compatible format by default if no options, to integrate with bgpd.conf and bgpctl reload. Adapt mtree and stuff. This will receive further refactoring... ok benno job by
deraadt2019-11-30 02:31:12 +0000
f42d7a1fUncomment a single line in root's crontab to run rpki-client and reload bpgd configuration, which enables Enterprise-Ready Industry-Leading-by-Example RPKI ROA filtering on your OpenBGP edge. Arguments remain about how often to run this operation, for now we propose 9AM when people who can fix their shit are in the office. ok claudio benno by
deraadt2019-11-29 04:25:11 +0000
8eb27cfbImport /var/db/rpki-client/roa and filter discussed at length with claudio and benno by
deraadt2019-11-29 03:42:10 +0000
47999cd7add /var/cache/rpki-client, ok deraadt@ by
benno2019-11-29 03:28:20 +0000
e910e65ecreate a var/db/rpki-client/roa file with correct ownership so that rpki-client(8) can deal with it (some upcoming changes...) by
deraadt2019-11-29 03:22:13 +0000
0b0f938ccreate var/db/rpki-client directory with correct mode by
deraadt2019-11-29 03:19:54 +0000
256c1c68Nuke http captive portal detection; something better is coming. OK otto by
florian2019-11-27 17:09:12 +0000
971eb35fmake implicit "listen on socket" explicit, the default config no longer has any implicit behavior by
gilles2019-11-26 20:14:38 +0000
7e2b6d33use explicit from notation in default config by
gilles2019-11-25 13:30:04 +0000
65060c8asndiod(8) reopens audio interfaces on SIGHUP, which makes a lot of sense when -F is used. Because of this allow rc.d script to reload sndiod. OK kn ratchov aja by
claudio2019-11-22 06:31:30 +0000
97919939zero tmpout too. reminded by related diff from tim by
tedu2019-11-21 16:13:39 +0000
030f5c6eoverwrite the key in failure modes in case the caller doesn't check. ok deraadt by
tedu2019-11-21 16:07:24 +0000
c8b542ecfix the spelling of rpki, as noted by jmc@ by
benno2019-11-15 11:36:02 +0000
de85982cgrow an install media by
deraadt2019-11-15 03:10:21 +0000
feb6c25cuid/gid 70 is _rpki-client for privdrop; ok benno by
deraadt2019-11-14 22:07:28 +0000
d8afe995RDIRS for libcbor and libfido2 by
djm2019-11-14 21:14:53 +0000
ed16e2b6tweak previous; ok deraadt by
jmc2019-11-12 07:19:18 +0000
d090b243sensors can als be marked trusted; ok deraadt@ by
otto2019-11-11 17:42:28 +0000
458c49a1tweak previous: delete stray .Pp by
schwarze2019-11-11 16:55:34 +0000
35e291d0change the nmea sensor to "trusted" by
deraadt2019-11-11 16:44:37 +0000
17a1cbd4trusted sub-option works on sensors also now; ok otto by
deraadt2019-11-11 16:41:29 +0000
00f92e8dAlso implement "trusted" for sensors; do not do constraint validation for these. ok deraadt@ by
otto2019-11-11 06:32:52 +0000
c5e229f6move /usr and var remounting (nfs diskless case...) earlier, so that unwind can be started (silently) before pf is configured (for those few weirdos who use hostnames in pf.conf...). Other unidentified concerns may be improved by this startup re-ordering, so let's give it a try. discussed with florian. by
deraadt2019-11-11 04:55:37 +0000
e3b7366fremove -s and -S documentation, and explain the boot-time startup mode more clearly ok ingo schwarze by
deraadt2019-11-11 01:05:30 +0000
796283a2Disable -s and -S functionality. -s would force time using NTP packets without any MITM protection checks. We've had constraint checks for MITM protection for some time. Recent work changed the default mode to rapidly check NTP packets against constraint validation, as the default mode. In environments where https traffic doesn't work, ethernet-near servers can be labelled as "trusted". trusted sensor support is also coming. We have reasons to immediately move people away from the -s mode. ok otto by
deraadt2019-11-11 01:04:55 +0000
c70a4809update ntpd example configuration by
deraadt2019-11-11 00:01:20 +0000
739d84ffdocument server/servers "trusted" sub-option. Indicates a particular server is wired up such that non MITM attacks are possible, and NTP packets can be trusted. Therefore constraint validity is not required, and during boot ntpd can spin-up correct time faster. with otto, ok jmc schwarze by
deraadt2019-11-10 19:28:34 +0000
21c48e24Introduce a "trusted" modifier, for peers that should be on a local net used in situations where https constraints cannot be used and we still want auto settime. Result of discussion with and ok deraadt@ by
otto2019-11-10 19:24:47 +0000
e66cf3a7alphatically order sub-options for sensors, and make the explanations more similar ok jmc schwarze by
deraadt2019-11-10 18:46:53 +0000
9341a24fuse $(<file) instead of $(cat file) since this script uses ksh; ok ajacoutot@ by
naddy2019-11-10 15:02:36 +0000
016dfd72- validate sensor values against constraints - do not restart settime timeout interval if something happens in the main event loop - apply a tight loop protection; it can be painfull on a single core machine since the process runs at maximum priority. Should only happen when a bug is introduced while developing, but prevents having to machine taken over by ntpd. by
otto2019-11-10 07:32:58 +0000
3ac9b78cReenable "val-log-level: 2", so that when sites have misconfigured dnssec the sysadmin has some idea what's going on in logs, and "aggressive-nsec: yes", if we're using dnssec anyway we might as well get the benefits. These were both enabled last time dnssec was enabled in this sample unbound.conf. by
sthen2019-11-07 15:46:37 +0000
3cf6b014Enable DNSSEC validation in unbound by default by
job2019-11-07 12:49:45 +0000
daf113ffPerform contraint validation against 9.9.9.9 and 2620:fe::fe also (which avoids DNS lookups entirely, but yes this https is correctly validated) long discussions with otto, florian, and the quad9 crew. by
deraadt2019-11-06 19:04:12 +0000
66480e8awe have emergency entropy injection code in rc, for if the bootblocks and other methods failed to inject/churn the rng enough. Move it up far earlier. ok naddy sthen kettenis by
deraadt2019-11-06 16:26:24 +0000
df4870abAllow the singular constraint clause to list multiple addresses; ok deraadt@ by
otto2019-11-06 13:35:25 +0000
d7926a26Add a default priority of 5 for user _pbuild, this should help keeping system responsive during packages compilation, especially on slower machines. by
solene2019-11-05 19:03:47 +0000
726bfd4a (OPENBSD_6_6)The ber_* namespace is used by liblber since time immemorial, so move our BER API to the unused ober_* prefix to avoid some breakage in ports. by
tb2019-10-27 20:05:12 +0000
9fe746fbhandle aggr(4) in the same way as trunk(4) by
dlg2019-10-25 06:01:27 +0000
f1890807Adjust whitespace, so Ta macros are aligned vertically as already done in ober_add_string.3 and as it was before the ber -> ober rename. by
tb2019-10-25 04:00:10 +0000
c7e739d8The ber_* namespace is used by liblber since time immemorial, so move our BER API to the unused ober_* prefix to avoid some breakage in ports. by
tb2019-10-24 12:39:26 +0000
195fd275Allow the caller of asr functions to create and use a specific context. Diff from eric@ and florian@, commiting on their behalf since they are absent and we want to ride the minor shlib bump. by
otto2019-10-24 05:57:41 +0000
1f9a1ea2Import regenerated moduli file. by
dtucker2019-10-22 07:06:35 +0000
e4826786regen by
kettenis2019-10-20 16:31:44 +0000
45e6f430Add /dev/pri. by
kettenis2019-10-20 16:31:10 +0000
2a4a6ba5Bump datasize-cur for pbuild on mips64, to make room for modernity. by
visa2019-10-18 03:40:22 +0000
ff093107 (tag: OPENBSD_6_6_BASE)accidentally stated the MP kernel twice, leading the SHA256/SHA256.sig file to contain two hashes for bsd.mp, and cause later upgrade problems spotted by afresh1 by
deraadt2019-10-12 05:22:48 +0000
f7815ee9sync arm64 pbuild resource limits with amd64; arm64 now builds some large things and can easily exceed the previous 1.5GB limit. by
sthen2019-10-07 17:52:59 +0000
38098b4aupdate pkg name by
deraadt2019-10-07 15:34:31 +0000
7fde5f36correct dates by
deraadt2019-10-07 15:32:13 +0000
558edf9ffor now, only mix in sysctl hw.{uuid,serialno,sensors} to /dev/random. as found the hard way by d.rauschenb@gmail on an old fujitsu siemens machine, reading all of hw (notable hw.setperf) can have unexpected side-effects. ok deraadt by
sthen2019-10-06 16:16:19 +0000
4b1cb379feed "sysctl hw" into /dev/random; a cheap way to feed in sensor data as a one-shot at boot without more complex kernel work, and also includes some serial numbers/guids which may add a little more entropy e.g. for systems where /etc/random.seed may be known (e.g. cloned disk images). "why not" deraadt@ by
sthen2019-10-02 17:15:40 +0000
27c779ffzap trailing whitespace; by
jmc2019-09-29 16:30:35 +0000
14f0af32Xr random 4 in a better way by
deraadt2019-09-28 15:00:44 +0000
8b4c98a6Increase datasize limit for ports building on arm64 in preparation for enabling devel/jdk/11 there. by
kurt2019-09-21 22:14:34 +0000
c85a255eCorrect sysctl section is 2 by
solene2019-09-18 08:39:06 +0000
57ef32f5Add explanation about the default value of sysctl key machdep.pwraction by
solene2019-09-18 08:38:06 +0000
867432ecAdd ttyC4 to lost of devices to change when logging in on ttyC0 (and in some cases also the serial console) such that X can use it as its VT when running without root privileges. by
kettenis2019-09-15 12:25:40 +0000
a6ca81a5Add comment line saying S is described vaguely on purpose. Prompted by guenther@ by
otto2019-09-14 13:16:50 +0000
ca8d24bbInform about system call memory write protection and stack mapping violations in system accounting. This will help to find missbehaving programs and possible attacks. The flags bit field is full, so recycle the PDP-11 compatibility on VAX. lastcomm(1) prints the AMAP flag as 'M'. daily(8) prints a list of affected processes. OK deraadt@ by
bluhm2019-09-09 20:02:26 +0000
e7559cd1Bump datasize-cur to 4Gb for pbuild class on sparc64, rust is a pig. by
landry2019-09-08 16:57:17 +0000
235460ceRemove dependency on basename(1). by
ajacoutot2019-09-07 10:02:19 +0000
e5fd32baname these manual pages by the primary function, for instance there is no function called md5() as discussed with jmc by
deraadt2019-08-30 22:20:43 +0000
855ec93eadapt to bitstring(3) renaming, and look at that bit_ffs(3) is the actual name we want to Xr... ok jmc by
deraadt2019-08-30 18:35:03 +0000
fd9d083euucplock(3) is incorrectly named in some places, it is actually uu_lock(3) (more unclear is if anything in ports uses this, as our base no longer does) by
deraadt2019-08-30 03:57:56 +0000
7635e56aspace -> tabs by
ajacoutot2019-08-25 15:50:21 +0000
a37f46cbThe piggies have outgrown their pen again: Firefox 69 will no longer build in 5 GB of memory. Bump default datasize for pbuild to 6 GB. ok landry@ ajacoutot@ by
naddy2019-08-19 20:59:14 +0000
103e227aadd 6.7 syspatch key by
robert2019-08-19 13:50:38 +0000
742a87c6Revert previous. There were some users of the quirky behaviour that were missed during code scan. by
martijn2019-08-15 06:11:18 +0000
9a09cc0eFix argument list for ber_set_writecallback by
martijn2019-08-14 19:08:03 +0000
f057789ewonky comma; by
jmc2019-08-14 17:36:04 +0000
e78f6151Document that ber_scanf_elements' 'p' and 't' attribute don't eat the current ber element. by
martijn2019-08-14 17:21:42 +0000
8eab0e41Make ber_scanf_elements's 'e' attribute eat the element. Right now all consumers use 'e' at the end of the list, so no regressions should be introduced. by
martijn2019-08-14 17:20:41 +0000
89ee3aeaMake sure that ber in ber_scanf_elements is not NULL before parsing format where ber is utilized. This also allows us to remove the ber->be_next check, which can cause weird behaviour, because a NULL be_next would result in parsing the last element twice. by
martijn2019-08-14 04:48:13 +0000
f4aac30eAdd the rpki TAL files to the changelist including arin.tal (which is not shipeed by default). OK job@ sthen@ deraadt@ by
claudio2019-08-12 13:28:15 +0000
45aad3ccThere is no reason why the TAL files are installed only readable by root these are public files. Agreed by deraadt@ (and florian@) by
claudio2019-08-12 09:49:21 +0000
61f4f28dmove to 6.6-beta by
deraadt2019-08-10 03:56:01 +0000
f8833a66add 6.7 firmware key by
sthen2019-08-09 22:20:29 +0000
0d8734e4oops, 6.7, spotted by tedu well in advance of it becoming an issue by
deraadt2019-08-06 01:42:50 +0000
2731923d6.7 packages key by
naddy2019-08-05 21:16:48 +0000
738a1a79Don't use a 0 element to determine the end of an OID when comparing two OIDS. This can result in false equality matches. by
martijn2019-08-05 12:38:14 +0000
0802062dThere's no reason why the first digit of an OID can't be 0. by
martijn2019-08-05 12:30:50 +0000
d3a8345cRevise the way how the octeon bootloader is built. The original approach was not right, and there is still room for improvement. by
visa2019-08-04 08:53:14 +0000
ff8f348egood idea to make next-generation keys available well before heading into release. by
deraadt2019-08-03 23:16:08 +0000
b52d6029correct mispellings of EACCES; from Kris Katterjohn by
deraadt2019-07-29 23:14:06 +0000
f9867e4bLink octeon bootloader to the build. by
visa2019-07-28 15:45:30 +0000
28bff3cdAdd a dedicated ramdisk entry for the octeon bootloader to reduce the size of the "boot" file. by
visa2019-07-28 15:41:52 +0000
23b19c15man5/sparc64 is now required (on all arch) by
deraadt2019-07-27 14:10:21 +0000
38ed037bstandard DoT port is 853 not 953; from myportslist20190323 at nym.hush.com by
sthen2019-07-26 17:22:09 +0000
15dd0e78Show unveil(2) violators in lastcomm(1) output and daily mail. input Janne Johansson, schwarze@; OK deraadt@ millert@ by
bluhm2019-07-25 13:13:53 +0000