Give ober_printf_elements() a ber_element array, similar to
ober_scanf_elements(). This allows us to move down and back up multiple
levels in with nested sequences and sets.

While here, on failure, make sure we free (and unlink if needed) all
elements we created.

OK claudio@, tb@

Don't fail in ober_scanf_elements() when encountering empty sequences.

Ok martijn@

When decoding a sequence/set, make sure that:
- We don't create an uninitialized element when there are no subelements to
decode
- If subelements overflow we return EINVAL

While here fix an eyesore of a line continuation.

OK claudio@

Sync ober_oid_cmp with ax_oid_cmp from libagentx.
This flips the returned signedness and adds the weight of 2 for
parent-child relationship in both direction.

This makes ober_oid_cmp consistent with the rest of the *_cmp based
functions.

OK tb@

Add ober_dup. Needed for upcoming SNMPv3 support for trap receiver in
snmpd(8).

OK jmatthew@
OK deraadt@ for bumping libutil now.

Make the ober_get_* set of function to accept a NULL-pointer.
This allows us to do ber-type checking inside ober_scanf_elements, which
will allow for stricter ASN.1 parsing in the future.

Manpage feedback and OK claudio@, jmc@
OK claudio@

Add '$' to ober_scanf_elements().
This allows us to enforce end of sequence/set without having to manually
check be_next for NULL.

No lib bump needed according to millert@
OK millert@ rob@

Gracefully handle any erroneous closing bracket/brace trailers in
ober_scanf_elements().

OK martijn@

Valid integer and enumerated types always have non-zero length. Perform
check to ensure we avoid a possible (undefined) negative shift. Found
with clang static analyzer.

Tweaked and OK martijn@

Missed one case of errno not being set in previous.

double check and OK tb@

Make sure ober_read_elements sets errno on every case where NULL is
returned.

OK deraadt@ tb@

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

branches: 1.14.2;
Revert previous. There were some users of the quirky behaviour that were
missed during code scan.

Make ber_scanf_elements's 'e' attribute eat the element.
Right now all consumers use 'e' at the end of the list, so no regressions
should be introduced.

OK claudio@
Seems sensible to deraadt@

Make sure that ber in ber_scanf_elements is not NULL before parsing format
where ber is utilized. This also allows us to remove the ber->be_next
check, which can cause weird behaviour, because a NULL be_next would result
in parsing the last element twice.

OK claudio@ on previous version
OK rob@

Don't use a 0 element to determine the end of an OID when comparing two
OIDS. This can result in false equality matches.

OK claudio@

There's no reason why the first digit of an OID can't be 0.

OK claudio@
"Good find" deraadt@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

Don't fail in ober_scanf_elements() when encountering empty sequences.

Ok martijn@

When decoding a sequence/set, make sure that:
- We don't create an uninitialized element when there are no subelements to
decode
- If subelements overflow we return EINVAL

While here fix an eyesore of a line continuation.

OK claudio@

Sync ober_oid_cmp with ax_oid_cmp from libagentx.
This flips the returned signedness and adds the weight of 2 for
parent-child relationship in both direction.

This makes ober_oid_cmp consistent with the rest of the *_cmp based
functions.

OK tb@

Add ober_dup. Needed for upcoming SNMPv3 support for trap receiver in
snmpd(8).

OK jmatthew@
OK deraadt@ for bumping libutil now.

Make the ober_get_* set of function to accept a NULL-pointer.
This allows us to do ber-type checking inside ober_scanf_elements, which
will allow for stricter ASN.1 parsing in the future.

Manpage feedback and OK claudio@, jmc@
OK claudio@

Add '$' to ober_scanf_elements().
This allows us to enforce end of sequence/set without having to manually
check be_next for NULL.

No lib bump needed according to millert@
OK millert@ rob@

Gracefully handle any erroneous closing bracket/brace trailers in
ober_scanf_elements().

OK martijn@

Valid integer and enumerated types always have non-zero length. Perform
check to ensure we avoid a possible (undefined) negative shift. Found
with clang static analyzer.

Tweaked and OK martijn@

Missed one case of errno not being set in previous.

double check and OK tb@

Make sure ober_read_elements sets errno on every case where NULL is
returned.

OK deraadt@ tb@

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

branches: 1.14.2;
Revert previous. There were some users of the quirky behaviour that were
missed during code scan.

Make ber_scanf_elements's 'e' attribute eat the element.
Right now all consumers use 'e' at the end of the list, so no regressions
should be introduced.

OK claudio@
Seems sensible to deraadt@

Make sure that ber in ber_scanf_elements is not NULL before parsing format
where ber is utilized. This also allows us to remove the ber->be_next
check, which can cause weird behaviour, because a NULL be_next would result
in parsing the last element twice.

OK claudio@ on previous version
OK rob@

Don't use a 0 element to determine the end of an OID when comparing two
OIDS. This can result in false equality matches.

OK claudio@

There's no reason why the first digit of an OID can't be 0.

OK claudio@
"Good find" deraadt@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

When decoding a sequence/set, make sure that:
- We don't create an uninitialized element when there are no subelements to
decode
- If subelements overflow we return EINVAL

While here fix an eyesore of a line continuation.

OK claudio@

Sync ober_oid_cmp with ax_oid_cmp from libagentx.
This flips the returned signedness and adds the weight of 2 for
parent-child relationship in both direction.

This makes ober_oid_cmp consistent with the rest of the *_cmp based
functions.

OK tb@

Add ober_dup. Needed for upcoming SNMPv3 support for trap receiver in
snmpd(8).

OK jmatthew@
OK deraadt@ for bumping libutil now.

Make the ober_get_* set of function to accept a NULL-pointer.
This allows us to do ber-type checking inside ober_scanf_elements, which
will allow for stricter ASN.1 parsing in the future.

Manpage feedback and OK claudio@, jmc@
OK claudio@

Add '$' to ober_scanf_elements().
This allows us to enforce end of sequence/set without having to manually
check be_next for NULL.

No lib bump needed according to millert@
OK millert@ rob@

Gracefully handle any erroneous closing bracket/brace trailers in
ober_scanf_elements().

OK martijn@

Valid integer and enumerated types always have non-zero length. Perform
check to ensure we avoid a possible (undefined) negative shift. Found
with clang static analyzer.

Tweaked and OK martijn@

Missed one case of errno not being set in previous.

double check and OK tb@

Make sure ober_read_elements sets errno on every case where NULL is
returned.

OK deraadt@ tb@

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

branches: 1.14.2;
Revert previous. There were some users of the quirky behaviour that were
missed during code scan.

Make ber_scanf_elements's 'e' attribute eat the element.
Right now all consumers use 'e' at the end of the list, so no regressions
should be introduced.

OK claudio@
Seems sensible to deraadt@

Make sure that ber in ber_scanf_elements is not NULL before parsing format
where ber is utilized. This also allows us to remove the ber->be_next
check, which can cause weird behaviour, because a NULL be_next would result
in parsing the last element twice.

OK claudio@ on previous version
OK rob@

Don't use a 0 element to determine the end of an OID when comparing two
OIDS. This can result in false equality matches.

OK claudio@

There's no reason why the first digit of an OID can't be 0.

OK claudio@
"Good find" deraadt@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

Sync ober_oid_cmp with ax_oid_cmp from libagentx.
This flips the returned signedness and adds the weight of 2 for
parent-child relationship in both direction.

This makes ober_oid_cmp consistent with the rest of the *_cmp based
functions.

OK tb@

Add ober_dup. Needed for upcoming SNMPv3 support for trap receiver in
snmpd(8).

OK jmatthew@
OK deraadt@ for bumping libutil now.

Make the ober_get_* set of function to accept a NULL-pointer.
This allows us to do ber-type checking inside ober_scanf_elements, which
will allow for stricter ASN.1 parsing in the future.

Manpage feedback and OK claudio@, jmc@
OK claudio@

Add '$' to ober_scanf_elements().
This allows us to enforce end of sequence/set without having to manually
check be_next for NULL.

No lib bump needed according to millert@
OK millert@ rob@

Gracefully handle any erroneous closing bracket/brace trailers in
ober_scanf_elements().

OK martijn@

Valid integer and enumerated types always have non-zero length. Perform
check to ensure we avoid a possible (undefined) negative shift. Found
with clang static analyzer.

Tweaked and OK martijn@

Missed one case of errno not being set in previous.

double check and OK tb@

Make sure ober_read_elements sets errno on every case where NULL is
returned.

OK deraadt@ tb@

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

branches: 1.14.2;
Revert previous. There were some users of the quirky behaviour that were
missed during code scan.

Make ber_scanf_elements's 'e' attribute eat the element.
Right now all consumers use 'e' at the end of the list, so no regressions
should be introduced.

OK claudio@
Seems sensible to deraadt@

Make sure that ber in ber_scanf_elements is not NULL before parsing format
where ber is utilized. This also allows us to remove the ber->be_next
check, which can cause weird behaviour, because a NULL be_next would result
in parsing the last element twice.

OK claudio@ on previous version
OK rob@

Don't use a 0 element to determine the end of an OID when comparing two
OIDS. This can result in false equality matches.

OK claudio@

There's no reason why the first digit of an OID can't be 0.

OK claudio@
"Good find" deraadt@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

Add ober_dup. Needed for upcoming SNMPv3 support for trap receiver in
snmpd(8).

OK jmatthew@
OK deraadt@ for bumping libutil now.

Make the ober_get_* set of function to accept a NULL-pointer.
This allows us to do ber-type checking inside ober_scanf_elements, which
will allow for stricter ASN.1 parsing in the future.

Manpage feedback and OK claudio@, jmc@
OK claudio@

Add '$' to ober_scanf_elements().
This allows us to enforce end of sequence/set without having to manually
check be_next for NULL.

No lib bump needed according to millert@
OK millert@ rob@

Gracefully handle any erroneous closing bracket/brace trailers in
ober_scanf_elements().

OK martijn@

Valid integer and enumerated types always have non-zero length. Perform
check to ensure we avoid a possible (undefined) negative shift. Found
with clang static analyzer.

Tweaked and OK martijn@

Missed one case of errno not being set in previous.

double check and OK tb@

Make sure ober_read_elements sets errno on every case where NULL is
returned.

OK deraadt@ tb@

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

branches: 1.14.2;
Revert previous. There were some users of the quirky behaviour that were
missed during code scan.

Make ber_scanf_elements's 'e' attribute eat the element.
Right now all consumers use 'e' at the end of the list, so no regressions
should be introduced.

OK claudio@
Seems sensible to deraadt@

Make sure that ber in ber_scanf_elements is not NULL before parsing format
where ber is utilized. This also allows us to remove the ber->be_next
check, which can cause weird behaviour, because a NULL be_next would result
in parsing the last element twice.

OK claudio@ on previous version
OK rob@

Don't use a 0 element to determine the end of an OID when comparing two
OIDS. This can result in false equality matches.

OK claudio@

There's no reason why the first digit of an OID can't be 0.

OK claudio@
"Good find" deraadt@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

Make the ober_get_* set of function to accept a NULL-pointer.
This allows us to do ber-type checking inside ober_scanf_elements, which
will allow for stricter ASN.1 parsing in the future.

Manpage feedback and OK claudio@, jmc@
OK claudio@

Add '$' to ober_scanf_elements().
This allows us to enforce end of sequence/set without having to manually
check be_next for NULL.

No lib bump needed according to millert@
OK millert@ rob@

Gracefully handle any erroneous closing bracket/brace trailers in
ober_scanf_elements().

OK martijn@

Valid integer and enumerated types always have non-zero length. Perform
check to ensure we avoid a possible (undefined) negative shift. Found
with clang static analyzer.

Tweaked and OK martijn@

Missed one case of errno not being set in previous.

double check and OK tb@

Make sure ober_read_elements sets errno on every case where NULL is
returned.

OK deraadt@ tb@

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

branches: 1.14.2;
Revert previous. There were some users of the quirky behaviour that were
missed during code scan.

Make ber_scanf_elements's 'e' attribute eat the element.
Right now all consumers use 'e' at the end of the list, so no regressions
should be introduced.

OK claudio@
Seems sensible to deraadt@

Make sure that ber in ber_scanf_elements is not NULL before parsing format
where ber is utilized. This also allows us to remove the ber->be_next
check, which can cause weird behaviour, because a NULL be_next would result
in parsing the last element twice.

OK claudio@ on previous version
OK rob@

Don't use a 0 element to determine the end of an OID when comparing two
OIDS. This can result in false equality matches.

OK claudio@

There's no reason why the first digit of an OID can't be 0.

OK claudio@
"Good find" deraadt@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

Add '$' to ober_scanf_elements().
This allows us to enforce end of sequence/set without having to manually
check be_next for NULL.

No lib bump needed according to millert@
OK millert@ rob@

Gracefully handle any erroneous closing bracket/brace trailers in
ober_scanf_elements().

OK martijn@

Valid integer and enumerated types always have non-zero length. Perform
check to ensure we avoid a possible (undefined) negative shift. Found
with clang static analyzer.

Tweaked and OK martijn@

Missed one case of errno not being set in previous.

double check and OK tb@

Make sure ober_read_elements sets errno on every case where NULL is
returned.

OK deraadt@ tb@

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

branches: 1.14.2;
Revert previous. There were some users of the quirky behaviour that were
missed during code scan.

Make ber_scanf_elements's 'e' attribute eat the element.
Right now all consumers use 'e' at the end of the list, so no regressions
should be introduced.

OK claudio@
Seems sensible to deraadt@

Make sure that ber in ber_scanf_elements is not NULL before parsing format
where ber is utilized. This also allows us to remove the ber->be_next
check, which can cause weird behaviour, because a NULL be_next would result
in parsing the last element twice.

OK claudio@ on previous version
OK rob@

Don't use a 0 element to determine the end of an OID when comparing two
OIDS. This can result in false equality matches.

OK claudio@

There's no reason why the first digit of an OID can't be 0.

OK claudio@
"Good find" deraadt@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

Gracefully handle any erroneous closing bracket/brace trailers in
ober_scanf_elements().

OK martijn@

Valid integer and enumerated types always have non-zero length. Perform
check to ensure we avoid a possible (undefined) negative shift. Found
with clang static analyzer.

Tweaked and OK martijn@

Missed one case of errno not being set in previous.

double check and OK tb@

Make sure ober_read_elements sets errno on every case where NULL is
returned.

OK deraadt@ tb@

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

branches: 1.14.2;
Revert previous. There were some users of the quirky behaviour that were
missed during code scan.

Make ber_scanf_elements's 'e' attribute eat the element.
Right now all consumers use 'e' at the end of the list, so no regressions
should be introduced.

OK claudio@
Seems sensible to deraadt@

Make sure that ber in ber_scanf_elements is not NULL before parsing format
where ber is utilized. This also allows us to remove the ber->be_next
check, which can cause weird behaviour, because a NULL be_next would result
in parsing the last element twice.

OK claudio@ on previous version
OK rob@

Don't use a 0 element to determine the end of an OID when comparing two
OIDS. This can result in false equality matches.

OK claudio@

There's no reason why the first digit of an OID can't be 0.

OK claudio@
"Good find" deraadt@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

Valid integer and enumerated types always have non-zero length. Perform
check to ensure we avoid a possible (undefined) negative shift. Found
with clang static analyzer.

Tweaked and OK martijn@

Missed one case of errno not being set in previous.

double check and OK tb@

Make sure ober_read_elements sets errno on every case where NULL is
returned.

OK deraadt@ tb@

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

branches: 1.14.2;
Revert previous. There were some users of the quirky behaviour that were
missed during code scan.

Make ber_scanf_elements's 'e' attribute eat the element.
Right now all consumers use 'e' at the end of the list, so no regressions
should be introduced.

OK claudio@
Seems sensible to deraadt@

Make sure that ber in ber_scanf_elements is not NULL before parsing format
where ber is utilized. This also allows us to remove the ber->be_next
check, which can cause weird behaviour, because a NULL be_next would result
in parsing the last element twice.

OK claudio@ on previous version
OK rob@

Don't use a 0 element to determine the end of an OID when comparing two
OIDS. This can result in false equality matches.

OK claudio@

There's no reason why the first digit of an OID can't be 0.

OK claudio@
"Good find" deraadt@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

Missed one case of errno not being set in previous.

double check and OK tb@

Make sure ober_read_elements sets errno on every case where NULL is
returned.

OK deraadt@ tb@

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

branches: 1.14.2;
Revert previous. There were some users of the quirky behaviour that were
missed during code scan.

Make ber_scanf_elements's 'e' attribute eat the element.
Right now all consumers use 'e' at the end of the list, so no regressions
should be introduced.

OK claudio@
Seems sensible to deraadt@

Make sure that ber in ber_scanf_elements is not NULL before parsing format
where ber is utilized. This also allows us to remove the ber->be_next
check, which can cause weird behaviour, because a NULL be_next would result
in parsing the last element twice.

OK claudio@ on previous version
OK rob@

Don't use a 0 element to determine the end of an OID when comparing two
OIDS. This can result in false equality matches.

OK claudio@

There's no reason why the first digit of an OID can't be 0.

OK claudio@
"Good find" deraadt@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

The ber_* namespace is used by liblber since time immemorial,
so move our BER API to the unused ober_* prefix to avoid some
breakage in ports.

Problem diagnosed by jmatthew with ber_free() in samba, but
there are many others as pointed out by sthen.

tests & ok rob
ok sthen (who had an almost identical diff for libutil)
"go head hit it" deraadt

Revert previous. There were some users of the quirky behaviour that were
missed during code scan.

Make ber_scanf_elements's 'e' attribute eat the element.
Right now all consumers use 'e' at the end of the list, so no regressions
should be introduced.

OK claudio@
Seems sensible to deraadt@

Make sure that ber in ber_scanf_elements is not NULL before parsing format
where ber is utilized. This also allows us to remove the ber->be_next
check, which can cause weird behaviour, because a NULL be_next would result
in parsing the last element twice.

OK claudio@ on previous version
OK rob@

Don't use a 0 element to determine the end of an OID when comparing two
OIDS. This can result in false equality matches.

OK claudio@

There's no reason why the first digit of an OID can't be 0.

OK claudio@
"Good find" deraadt@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

Revert previous. There were some users of the quirky behaviour that were
missed during code scan.

Make ber_scanf_elements's 'e' attribute eat the element.
Right now all consumers use 'e' at the end of the list, so no regressions
should be introduced.

OK claudio@
Seems sensible to deraadt@

Make sure that ber in ber_scanf_elements is not NULL before parsing format
where ber is utilized. This also allows us to remove the ber->be_next
check, which can cause weird behaviour, because a NULL be_next would result
in parsing the last element twice.

OK claudio@ on previous version
OK rob@

Don't use a 0 element to determine the end of an OID when comparing two
OIDS. This can result in false equality matches.

OK claudio@

There's no reason why the first digit of an OID can't be 0.

OK claudio@
"Good find" deraadt@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

Limit maximum number of length octets to platform independent sizeof(int32_t).

Problem noticed by bluhm@. Discussed on hackers.

ok claudio@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

whitespace

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

Add XXX to a comment.

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

Enable support for the writting of BITSTRING by treating it as an OCTETSTRING.

ok claudio@

Enforce smallest number of contents octets for int (and enum).

ok claudio@

Fail early if a (universal) primitive type identifies as constructed, or if a
boolean has a contents length other than 1.

ok claudio@

Enforce minimal number of octets for tag > 30.

"sure" claudio@

In long form encoding, explicitly prohibit an initial length octet of 0xff
which is reserved for future use.

ok claudio@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@

The BER API is currently used by ldap, ldapd, ldapctl, ypldap, snmpd, and
snmpctl. Separate copies of ber.[ch] have existed and been maintained in sync
in ldap, ldapd, ypldap and snmpd.

This commit moves the BER API into /usr/lib/libutil. All current consumers
already link libutil. ldapd and snmpd regress passes, and release builds.

With help from tb@ and guenther@.

ok deraadt@, tb@