openbsd/src/lib/libc/net, branch libressl-v3.5.1

openbsd/src/lib/libc/net, branch libressl-v3.5.1 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v3.5.1 2021-11-29T03:20:37+00:00 A few sys/param.h annotations lacked ALIGNBYTES 2021-11-29T03:20:37+00:00 deraadt 2021-11-29T03:20:37+00:00 urn:sha1:3ff0ca30be40ac85767c463af5dda1f3a1c9fe6e Describe what RES_USE_DNSSEC does and how it's affected by trust-ad 2021-11-24T20:06:32+00:00 jca 2021-11-24T20:06:32+00:00 urn:sha1:757c7646fbdf4543d7d64d84a70fae57d5aa6849 ok florian@ Implement rfc6840 (AD flag processing) if using trusted name servers 2021-11-22T20:18:27+00:00 jca 2021-11-22T20:18:27+00:00 urn:sha1:ca02920211b601ee0c85b3f9e9730859d617b1c2 libc can't do DNSSEC validation but it can ask a "security-aware" resolver to do so. Let's send queries with the AD flag set when appropriate, and let applications look at the AD flag in responses in a safe way, ie clear the AD flag if the resolvers aren't trusted. By default we only trust resolvers if resolv.conf(5) only lists name servers on localhost - the obvious candidates being unwind(8) and unbound(8). For non-localhost resolvers, an admin who trusts *all the name servers* listed in resolv.conf(5) *and the network path leading to them* can annotate this with "options trust-ad". AD flag processing gives ssh -o VerifyHostkeyDNS=Yes a chance to fetch SSHFP records in a secure manner, and tightens the situation for other applications, eg those using RES_USE_DNSSEC for DANE. It should be noted that postfix currently assumes trusted name servers by default and forces RES_TRUSTAD if available. RES_TRUSTAD and "options trust-ad" were first introduced in glibc by Florian Weimer. Florian Obser (florian@) contributed various improvements, fixed a bug and added automatic trust for name servers on localhost. ok florian@ phessler@ Revert accidental change. 2021-10-25T14:41:09+00:00 jca 2021-10-25T14:41:09+00:00 urn:sha1:da5b44a9e9a9d701839763c8b3d2b856dd0a047d Dunno why this ended up here, cvs is always full of surprises. Make brk() and sbrk() weak again as intended. 2021-10-25T14:38:10+00:00 jca 2021-10-25T14:38:10+00:00 urn:sha1:db770399bac4498ed9ea1f166e1e92abee964504 Apparently spotted by mortimer@ while working on clang 13 and amd64. No actual change on sparc64 as this architecture still uses ld.bfd. ok kettenis@ ansi 2021-10-24T10:05:23+00:00 jsg 2021-10-24T10:05:23+00:00 urn:sha1:6293deec24fd2fc1af41365c46711340cb0d96fb ok mpi@ deraadt@ Put back sys/types.h and sys/socket.h. The latter was unintentionally 2021-10-22T10:22:15+00:00 tb 2021-10-22T10:22:15+00:00 urn:sha1:8ec905c6206db791419e84ccc5ca015e1f5732ad removed and the former is still needed, as pointed out by kettenis Fix some ghastly whitespace. From Martin Vahlensieck 2021-10-22T09:51:54+00:00 tb 2021-10-22T09:51:54+00:00 urn:sha1:a41d7d8529c6d3afa6ed78521c187d8ec1126cc3 Use unsigned char instead of u_char in base64.c. This is a mild 2021-10-22T09:49:26+00:00 tb 2021-10-22T09:49:26+00:00 urn:sha1:6028b4dd02381c5e20773d89cac6bc3d7dcb7f3b portability annoyance since not all systems have u_char. Remove the now unused includes sys/types.h and stdio.h. u_char diff from Jonas Termansen ok deraadt does not need arpa/nameser.h 2021-10-11T14:32:26+00:00 deraadt 2021-10-11T14:32:26+00:00 urn:sha1:fefdcdafb6eec4dc4289b5a443907249a5b9f61f