OpenBSD src changes summary for 2015-06-15 ==========================================
gnu lib/libssl regress/bin regress/libexec regress/usr.bin regress/usr.sbin sbin/pfctl share/zoneinfo sys/dev/pci sys/dev/usb sys/net sys/netinet usr.bin/openssl usr.bin/ssh usr.bin/tmux usr.sbin/sensorsd usr.sbin/syslogd == gnu =============================================================== 01/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu gnu ~ gcc/gcc/c-decl.c > Don't error out when an existing typedef is redefined with the same > definition; > this is allowed in C11 and 3rd-party software is relying upon this to be > accepted by the compiler. > Nevertheless warn about this if -pedantic. > ok ajacoutot@ deraadt@ millert@ (miod@) == lib =============================================================== 02/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libssl ~ src/doc/ssl/SSL_CTX_set_options.3 > Update SSL_OP_* to remove ancient hacks that are no longer enabled. (doug@) ~ src/doc/ssl/SSL_CTX_set_options.3 ~ src/ssl/s3_srvr.c > Remove 1997's compat hack SSL_OP_SSLEAY_080_CLIENT_DH_BUG. > This is a hack for an old version of SSLeay which predates OpenSSL. (doug@) ~ src/doc/ssl/SSL_CTX_set_options.3 ~ src/ssl/s3_srvr.c > Remove ancient compat hack SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG. > This was imported into OpenSSL from SSLeay. It was recently deleted > in OpenSSL commit 7a4dadc3a6a487db92619622b820eb4f7be512c9 (doug@) ~ src/doc/ssl/SSL_CTX_set_options.3 ~ src/ssl/d1_srvr.c ~ src/ssl/s3_clnt.c ~ src/ssl/s3_srvr.c > Remove ancient SSL_OP_NETSCAPE_CA_DN_BUG from SSLeay days. > This commit matches the OpenSSL removal in commit > 3c33c6f6b10864355553961e638514a6d1bb00f6. > ok deraadt@ (doug@) ~ src/ssl/bs_ber.c ~ src/ssl/bs_cbs.c ~ src/ssl/bytestring.h > Make CBS_get_any_asn1_element() more compliant with DER encoding. > CBS_get_any_asn1_element violates DER encoding by allowing indefinite > form. All callers except bs_ber.c expect DER encoding. The callers > must check to see if it was indefinite or not. > Rather than exposing all callers to this behavior, > cbs_get_any_asn1_element_internal() allows specifying whether you want to > allow the normally forbidden indefinite form. This is used by > CBS_get_any_asn1_element() for strict DER encoding and by a new static > function in bs_ber.c for the relaxed version. > While I was here, I added comments to differentiate between ASN.1 > restrictions and CBS limitations. > ok miod@ (doug@) == regress =========================================================== 03/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress bin + chmod/Makefile + chmod/Makefile~ + chmod/chflags.error + chmod/chgrp.error + chmod/chmod.error + chmod/chown.error > First stab at regression test for chmod (and chflags, chgrp and chown > which are the same binary). This is supposed to exercise all syscalls > paths through those tools and not a comprehensive regression test. > (florian@) - chmod/Makefile~ > oops (florian@) ~ Makefile > hook up chmod (florian@) libexec ~ ld.so/dlopen/prog1/Makefile ~ ld.so/dlopen/prog2/Makefile ~ ld.so/dlopen/prog3/Makefile ~ ld.so/dlopen/prog4/Makefile > fix regress fallout due to CFLAGS vs CXXFLAGS (deraadt@) usr.bin ~ ssh/unittests/Makefile.inc > turn SSH1 back on to match src/usr.bin/ssh being tested (djm@) usr.sbin ~ syslogd/Makefile ~ syslogd/Syslogd.pm ~ syslogd/args-length-tcp.pl ~ syslogd/args-length-tls.pl ~ syslogd/args-length-udp.pl ~ syslogd/args-length-unix.pl ~ syslogd/args-length-vis.pl ~ syslogd/args-libevent-kqueue.pl ~ syslogd/args-libevent-poll.pl ~ syslogd/args-libevent-select.pl ~ syslogd/args-only4.pl ~ syslogd/args-only6.pl ~ syslogd/args-sendsyslog.pl ~ syslogd/args-sighup-config.pl ~ syslogd/args-sighup-privsep.pl ~ syslogd/args-sighup-tcp.pl ~ syslogd/args-sighup-tls.pl ~ syslogd/args-sighup.pl ~ syslogd/args-sigpipe.pl ~ syslogd/args-sigterm.pl ~ syslogd/args-socket-tcp.pl ~ syslogd/args-socket-tls.pl ~ syslogd/args-socket.pl ~ syslogd/funcs.pl + syslogd/args-privsep-daemon.pl + syslogd/args-privsep-foreground.pl + syslogd/args-privsep.pl > Rework how fstat and ktrace pattern are specified in the test > arguments. Add tests to check wether syslogd privsep works. This > is done for debug and foreground and daemon mode. Fstat is checked > for chroot and sockets. Ktrace dump is grepped for setting uid and > gid. (bluhm@) == sbin ============================================================== 04/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin pfctl ~ pfctl.8 > document pfctl -ss -R <rule>, ok mikeb@ (sthen@) == share ============================================================= 05/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share zoneinfo ~ datfiles/africa ~ datfiles/antarctica ~ datfiles/backward ~ datfiles/europe ~ datfiles/iso3166.tab ~ datfiles/northamerica ~ datfiles/southamerica ~ datfiles/zone1970.tab > Update to tzdata2015e from ftp.iana.org (millert@) == sys =============================================================== 06/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys dev/pci ~ if_iwm.c ~ if_iwmvar.h > Make the wifi LED work with iwm(4). > The bad news: Many laptops sold with iwm(4) cards don't have a wifi LED :-( > The good news: Laptops with LEDs and no wifi device white-list in BIOS > actually exist! Tested in one such machine. > ok kettenis@ deraadt@ (stsp@) ~ if_iwm.c ~ if_iwmreg.h ~ if_iwmvar.h > Remove comments referring to Linux iwlwifi source filenames from iwm(4). > Linux is a moving target so these comments provide little value. > Discussed with kettenis and deraadt. (stsp@) dev/usb ~ uaudio.c ~ ugen.c ~ usbdi.c > Set the length of isochronous transfers as the sum of the frames lengths. > This reduces differences between non-isoch and isoch transfers submissions, > makes the generic DMA buffer overrun check work with isoch transfers and > will allow some code simplifications in HC drivers. > Since short-transfers were never checked for isoch transfers, we now need > to > pass the USBD_SHORT_XFER_OK flag to not change this behavior. This might > be > revisited later. > ok ratchov@ (mpi@) ~ uhub.c > Bring back r1.78 and r1.79, now that ajactouto@'s regression has > been found: it was a hardware failure. > When a bus is explored, do not probe the ports which status hasn't > changed. This saves a lot of I/O when attaching/detaching devices > and might help with some timing related problems. (mpi@) net ~ if_trunk.c > Fix a double free in the destroy path triggered when a second process, > in my case dhclient(8), races with ifconfig(8) to free the descriptors > of the joined multicast groups. > While here reduce the difference with carp(4). > ok dms@ (mpi@) netinet ~ ip_ah.c ~ ip_esp.c > Use proper argument type for crp_callback functions; no functional change. > (mikeb@) ~ ip_esp.c > No need for an extra local variable; no functional change. (mikeb@) ~ ip_ipcomp.c > Use proper argument type for crp_callback functions; no functional change. > (mikeb@) == usr.bin =========================================================== 07/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin openssl ~ s_server.c > Remove ancient compat hack SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG. > This was imported into OpenSSL from SSLeay. It was recently deleted > in OpenSSL commit 7a4dadc3a6a487db92619622b820eb4f7be512c9 (doug@) ssh ~ ssh-rsa.c > return failure on RSA signature error; reported by Albert S (djm@) ~ auth2-pubkey.c > Make the arguments to match_principals_command() similar to > match_principals_file(), by changing the last argument a > struct sshkey_cert * and dereferencing key->cert in the caller. > No functional change. > ok djm@ (jsing@) ~ auth2-pubkey.c > If AuthorizedPrincipalsCommand is specified, however > AuthorizedPrincipalsFile is not (or is set to "none"), authentication will > potentially fail due to key_cert_check_authority() failing to locate a > principal that matches the username, even though an authorized principal > has already been matched in the output of the subprocess. Fix this by using > the same logic to determine if pw->pw_name should be passed, as is used to > determine if a authorized principal must be matched earlier on. > ok djm@ (jsing@) tmux ~ format.c ~ input.c ~ tmux.1 ~ tmux.h ~ window.c > Add window_activity format, from Thomas Adam based on a diff originally > from propos6 at gmail dot com. (nicm@) == usr.sbin ========================================================== 08/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin sensorsd ~ sensorsd.c > get_val() already frees the buffer passed to it so we don't need to > do it in the caller. (millert@) syslogd ~ syslogd.8 ~ syslogd.c > Implement a -F switch, that tells syslogd to stay in foreground. > OK benno@; input millert@; no objections deraadt@ (bluhm@) ~ syslogd.8 > put -F before -f in the options list; (jmc@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
