OpenBSD src changes summary for 2015-09-10 ==========================================
bin/ksh distrib/sets games/fish gnu include/netgroup.h lib/libarch lib/libc lib/libedit lib/libkeynote lib/libossaudio lib/libpthread lib/libradius lib/libskey lib/libssl lib/libtls lib/libutil lib/libz libexec/spamd regress/sys regress/usr.sbin sbin/disklabel sbin/fsck_ext2fs sbin/nfsd share/man sys/arch/amd64/amd64 sys/arch/amd64/conf sys/arch/amd64/stand/biosboot sys/arch/amd64/stand/boot sys/arch/amd64/stand/cdboot sys/arch/armish/stand/boot sys/arch/hppa/stand/boot sys/arch/hppa64/stand/boot sys/arch/i386/conf sys/arch/i386/i386 sys/arch/i386/stand/biosboot sys/arch/i386/stand/boot sys/arch/i386/stand/cdboot sys/arch/landisk/stand/boot sys/arch/landisk/stand/mbr sys/arch/landisk/stand/xxboot sys/arch/mips64/mips64 sys/arch/sh/sh sys/arch/socppc/stand/boot sys/arch/sparc/dev sys/arch/zaurus/stand/zboot sys/conf sys/dev/ic sys/dev/pci sys/dev/sbus sys/dev/usb sys/dev/wscons sys/kern sys/net sys/netinet sys/netinet6 sys/sys usr.bin/bgplg usr.bin/ftp usr.bin/openssl usr.bin/tmux usr.sbin/dev_mkdb usr.sbin/httpd usr.sbin/inetd usr.sbin/installboot usr.sbin/mailwrapper usr.sbin/netgroup_mkdb usr.sbin/nsd usr.sbin/ntpd usr.sbin/pkg_add usr.sbin/portmap usr.sbin/route6d usr.sbin/smtpd usr.sbin/syslogd usr.sbin/ypserv usr.sbin/ypset == bin =============================================================== 01/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin ksh ~ var.c > Kill another superfluous variable initialization; from Michael McConville. > (jca@) ~ jobs.c ~ sh.h > Remove INT32 define and just use int, from Martijn van Duren and Michael > McConville. ok deraadt (nicm@) ~ c_ksh.c ~ emacs.c ~ exec.c ~ jobs.c ~ lex.c ~ main.c ~ misc.c ~ sh.h ~ vi.c > Replace newline and space defines by "\n" and " " directly, from Michael > McConville. ok millert (nicm@) == distrib =========================================================== 02/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib sets ~ lists/base/md.alpha ~ lists/base/md.amd64 ~ lists/base/md.armish ~ lists/base/md.armv7 ~ lists/base/md.aviion ~ lists/base/md.hppa ~ lists/base/md.hppa64 ~ lists/base/md.i386 ~ lists/base/md.landisk ~ lists/base/md.loongson ~ lists/base/md.luna88k ~ lists/base/md.macppc ~ lists/base/md.octeon ~ lists/base/md.sgi ~ lists/base/md.socppc ~ lists/base/md.sparc ~ lists/base/md.sparc64 ~ lists/base/md.zaurus > sync (deraadt@) ~ lists/comp/mi > sync (deraadt@) ~ lists/comp/mi > sync (deraadt@) == games ============================================================= 03/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/games fish ~ fish.6 > reduce .Nd to one line and kill .Tn while here (schwarze@) == gnu =============================================================== 04/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu gnu ~ gcc/gcc/c-common.c ~ gcc/gcc/c-decl.c ~ gcc/gcc/expr.c ~ gcc/gcc/expr.h ~ gcc/gcc/targhooks.c > Makde gcc handle __stack_smash_handler similarly to memcpy and memset when > creating calls: cache the RTL, let a declaration alter the asm spec, and > set the same RTL attributes. For all three, let a declaration set the ELF > visibility. > ok miod@ (guenther@) == include =========================================================== 05/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/include netgroup.h ~ netgroup.h > Hide netgroup internals inside libc. The parts that netgroup_mkdb > wants to use, well.... copy them there. > ok guenther (deraadt@) == lib =============================================================== 06/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libarch ~ amd64/amd64_get_fsbase.2 ~ amd64/amd64_iopl.2 ~ i386/i386_get_fsbase.2 ~ i386/i386_get_gsbase.2 ~ i386/i386_get_ioperm.2 ~ i386/i386_get_ldt.2 ~ i386/i386_iopl.2 ~ i386/i386_vm86.2 > use .In rather than .Fd #include (schwarze@) libc - net/link_addr.3 ~ Symbols.list ~ net/Makefile.inc ~ net/linkaddr.c + net/link_ntoa.3 > Remove link_addr(3). A function to encode the name of an interface in > a sockaddr_dl is a questionnable interface. But now it makes it harder > to properly reference ifp becauses of this. > Set sdl_index to the index of the corresponding interface when > constructing a routing message. > Ridding previous libc crank. > ok guenther@, deraadt@, dlg@ (mpi@) ~ net/link_ntoa.3 > tweak Nd after previous; ok mpi (jmc@) ~ db/man/btree.3 ~ db/man/dbopen.3 ~ db/man/hash.3 ~ db/man/recno.3 > no more mpool; (jmc@) - gdtoa/locks.c ~ Symbols.list ~ gdtoa/Makefile.inc ~ gdtoa/gdtoaimp.h ~ gdtoa/misc.c > hide __dtoa_locks as a static in the single use case; ok guenther > (deraadt@) ~ Symbols.list > explain why __explicit_bzero_hook will remain; ok guenther (deraadt@) ~ arch/alpha/SYS.h ~ arch/alpha/sys/brk.S ~ arch/alpha/sys/sbrk.S ~ arch/arm/SYS.h ~ arch/arm/sys/Ovfork.S ~ arch/arm/sys/brk.S ~ arch/arm/sys/cerror.S ~ arch/arm/sys/sbrk.S ~ arch/arm/sys/sigpending.S ~ arch/arm/sys/sigprocmask.S ~ arch/arm/sys/sigsuspend.S ~ arch/arm/sys/tfork_thread.S ~ arch/hppa/SYS.h ~ arch/hppa/sys/brk.S ~ arch/hppa/sys/sbrk.S ~ arch/hppa64/SYS.h ~ arch/hppa64/sys/brk.S ~ arch/hppa64/sys/sbrk.S ~ arch/m88k/SYS.h ~ arch/m88k/sys/brk.S ~ arch/m88k/sys/sbrk.S ~ arch/m88k/sys/sigpending.S ~ arch/m88k/sys/sigprocmask.S ~ arch/m88k/sys/sigsuspend.S ~ arch/m88k/sys/syscall.S ~ arch/sh/SYS.h ~ arch/sh/sys/brk.S ~ arch/sh/sys/cerror.S ~ arch/sh/sys/sbrk.S ~ arch/sh/sys/sigpending.S ~ arch/sh/sys/sigprocmask.S ~ arch/sh/sys/sigsuspend.S ~ arch/sparc/SYS.h ~ arch/sparc/sys/brk.S ~ arch/sparc/sys/sbrk.S ~ arch/sparc/sys/sigpending.S ~ arch/sparc/sys/sigprocmask.S ~ arch/sparc/sys/sigreturn.S ~ arch/sparc/sys/sigsuspend.S ~ arch/vax/SYS.h ~ arch/vax/sys/Ovfork.S ~ arch/vax/sys/brk.S ~ arch/vax/sys/cerror.S ~ arch/vax/sys/sbrk.S ~ arch/vax/sys/sigpending.S ~ arch/vax/sys/sigprocmask.S ~ arch/vax/sys/sigreturn.S ~ arch/vax/sys/sigsuspend.S ~ arch/vax/sys/syscall.S ~ arch/vax/sys/tfork_thread.S > Adds hidden _libc_FOO aliases for the system call stubs. > Stop generating _brk and _sbrk symbols: they've already been hidden. > Set the ELF symbol size on the syscall stubs. > Give the __{min,cur}brk symbols a size and type, and hide more jump labels. > alpha, arm, m88k, sh, sparc, and vax assistance miod@ > hppa assistance kettenis@ > ok deraadt@ miod@ (guenther@) ~ stdlib/rand48.3 > missing commas at the end of .Nm lines in the NAME section (schwarze@) ~ stdio/getdelim.3 > another missing Mdocdate (schwarze@) ~ stdlib/atof.3 ~ stdlib/atoi.3 ~ stdlib/atol.3 ~ stdlib/atoll.3 ~ stdlib/ecvt.3 > reduce .Nd to one line and kill .Tn while here (schwarze@) ~ locale/wcstol.3 > reduce more .Nd to one line and kill more .Tn (schwarze@) ~ sys/acct.2 ~ sys/adjfreq.2 ~ sys/adjtime.2 ~ sys/brk.2 ~ sys/chdir.2 ~ sys/chmod.2 ~ sys/chown.2 ~ sys/clock_gettime.2 ~ sys/closefrom.2 ~ sys/connect.2 ~ sys/execve.2 ~ sys/_exit.2 ~ sys/fsync.2 ~ sys/fhopen.2 ~ sys/fork.2 ~ sys/getgid.2 ~ sys/getitimer.2 ~ sys/getuid.2 ~ sys/getgroups.2 ~ sys/getlogin.2 ~ sys/getpeername.2 ~ sys/getpgrp.2 ~ sys/getpid.2 ~ sys/getpriority.2 ~ sys/getrlimit.2 ~ sys/getrtable.2 ~ sys/getsid.2 ~ sys/getsockname.2 ~ sys/gettimeofday.2 ~ sys/issetugid.2 ~ sys/kqueue.2 ~ sys/link.2 ~ sys/listen.2 ~ sys/lseek.2 ~ sys/mkdir.2 ~ sys/mknod.2 ~ sys/mount.2 ~ sys/profil.2 ~ sys/ptrace.2 ~ sys/reboot.2 ~ sys/rename.2 ~ sys/sendsyslog.2 ~ sys/setgroups.2 ~ sys/setresuid.2 ~ sys/stat.2 ~ sys/symlink.2 ~ sys/sync.2 ~ sys/sysarch.2 ~ sys/syscall.2 ~ sys/truncate.2 ~ sys/umask.2 ~ sys/utimes.2 ~ sys/vfork.2 > use .In rather than .Fd #include (schwarze@) ~ Makefile.inc ~ include/namespace.h ~ hidden/db.h ~ hidden/err.h ~ hidden/errno.h ~ hidden/nl_types.h ~ hidden/signal.h ~ hidden/stdio.h ~ hidden/string.h ~ hidden/wchar.h ~ hidden/rpcsvc/yp.h ~ gen/posix_spawn.c ~ softfloat/fpgetmask.c ~ softfloat/fpgetround.c ~ softfloat/fpgetsticky.c ~ softfloat/fpsetmask.c ~ softfloat/fpsetround.c ~ softfloat/fpsetsticky.c ~ stdlib/hcreate.c ~ sys/stack_protector.c ~ uuid/uuid_compare.c ~ uuid/uuid_create.c ~ uuid/uuid_create_nil.c ~ uuid/uuid_equal.c ~ uuid/uuid_from_string.c ~ uuid/uuid_hash.c ~ uuid/uuid_is_nil.c ~ uuid/uuid_stream.c ~ uuid/uuid_to_string.c > Pull in namespace.h when building all .c files using gcc's -include option, > so that we can provide asm labels for the > memcpy/memset/__stack_smash_handler > calls that it generates ab initio. Eliminate direct #includes of it. Make > sure it's a dependency of all objects (unnecessary for asm, but close > enough). > ok deraadt@ (guenther@) ~ crypt/arc4random.c > Add support for building arc4random with MSVC. > By default, MSVC's stdlib.h defines min(), so we need to spell out > something > less common to avoid picking it up. > ok deraadt@ beck@ miod@ (bcook@) ~ Symbols.list ~ gen/getnetgrent.c > Hide netgroup internals inside libc. The parts that netgroup_mkdb > wants to use, well.... copy them there. > ok guenther (deraadt@) libedit ~ editline.3 > missing commas at the end of .Nm lines in the NAME section (schwarze@) libkeynote ~ keynote.3 ~ keynote.4 > use .In rather than .Fd #include (schwarze@) libossaudio ~ ossaudio.3 > We don't want LIBRARY sections in OpenBSD, so delete it. (schwarze@) ~ ossaudio.3 > use .In rather than .Fd #include (schwarze@) libpthread ~ man/pthread_getcpuclockid.3 > use .In rather than .Fd #include (schwarze@) libradius ~ radius_new_request_packet.3 > missing commas at the end of .Nm lines in the NAME section (schwarze@) libskey ~ skey.3 > use .In rather than .Fd #include (schwarze@) libssl ~ src/crypto/dsa/dsa_ossl.c > Fix an incorrect error check in DSA verify. > From Matt Caswell's OpenSSL commit "RT3192: spurious error in DSA verify". > https://github.com/openssl/openssl/commit/eb63bce040d1cc6147d256f516b59552c > 018e29b (bcook@) ~ src/crypto/asn1/evp_asn1.c ~ src/crypto/ec/ec_asn1.c ~ src/crypto/ts/ts_lib.c > Replace remaining M_ASN1_STRING_* macros with calls to ASN1_STRING_*. > This is not the same as the macro expansion, however the ASN1_STRING_* > functions do match the macro expansions. > ok doug@ miod@ (jsing@) ~ src/crypto/md4/md4_one.c ~ src/crypto/md5/md5_one.c ~ src/crypto/ripemd/rmd_one.c > Remove pointless comments. > ok "captain obvious" (jsing@) ~ src/crypto/aes/aes_wrap.c ~ src/crypto/asn1/a_sign.c ~ src/crypto/asn1/a_verify.c ~ src/crypto/asn1/n_pkey.c ~ src/crypto/asn1/p8_pkey.c ~ src/crypto/bn/bn_exp.c ~ src/crypto/bn/bn_lib.c ~ src/crypto/bn/bn_rand.c ~ src/crypto/cmac/cmac.c ~ src/crypto/cms/cms_asn1.c ~ src/crypto/cms/cms_enc.c ~ src/crypto/cms/cms_env.c ~ src/crypto/cms/cms_pwri.c ~ src/crypto/des/str2key.c ~ src/crypto/ec/ec_key.c ~ src/crypto/ec/ec_lib.c ~ src/crypto/ec/ec_mult.c ~ src/crypto/ec/ecp_nistp224.c ~ src/crypto/ec/ecp_nistp256.c ~ src/crypto/ec/ecp_nistp521.c ~ src/crypto/ecdh/ech_lib.c ~ src/crypto/ecdsa/ecs_lib.c ~ src/crypto/evp/bio_enc.c ~ src/crypto/evp/e_aes.c ~ src/crypto/evp/e_aes_cbc_hmac_sha1.c ~ src/crypto/evp/e_chacha20poly1305.c ~ src/crypto/evp/e_idea.c ~ src/crypto/evp/evp_enc.c ~ src/crypto/evp/evp_key.c ~ src/crypto/evp/p5_crpt.c ~ src/crypto/evp/p5_crpt2.c ~ src/crypto/evp/p_open.c ~ src/crypto/gost/gost2814789.c ~ src/crypto/gost/gostr341001_key.c ~ src/crypto/gost/gostr341194.c ~ src/crypto/gost/streebog.c ~ src/crypto/hmac/hm_ameth.c ~ src/crypto/hmac/hm_pmeth.c ~ src/crypto/md4/md4_one.c ~ src/crypto/md5/md5_one.c ~ src/crypto/modes/gcm128.c ~ src/crypto/pem/pem_info.c ~ src/crypto/pem/pem_lib.c ~ src/crypto/pem/pem_pk8.c ~ src/crypto/pem/pem_pkey.c ~ src/crypto/pem/pem_seal.c ~ src/crypto/pem/pvkfmt.c ~ src/crypto/pkcs12/p12_crpt.c ~ src/crypto/pkcs12/p12_decr.c ~ src/crypto/pkcs12/p12_key.c ~ src/crypto/pkcs7/pk7_doit.c ~ src/crypto/rand/randfile.c ~ src/crypto/ripemd/rmd_one.c ~ src/crypto/rsa/rsa_eay.c ~ src/crypto/rsa/rsa_saos.c ~ src/crypto/rsa/rsa_sign.c ~ src/crypto/sha/sha1_one.c ~ src/crypto/sha/sha256.c ~ src/crypto/sha/sha512.c ~ src/crypto/sha/sha_one.c ~ src/crypto/ui/ui_openssl.c ~ src/crypto/ui/ui_util.c ~ src/ssl/d1_clnt.c ~ src/ssl/d1_lib.c ~ src/ssl/s3_clnt.c ~ src/ssl/s3_enc.c ~ src/ssl/s3_lib.c ~ src/ssl/s3_srvr.c ~ src/ssl/ssl_sess.c ~ src/ssl/t1_enc.c > Correct spelling of OPENSSL_cleanse. > ok miod@ (jsing@) ~ src/crypto/crypto.h > CRYPTO_set_mem_debug_functions() and CRYPTO_set_mem_functions() are already > noops, so neuter the CRYPTO_malloc_init and CRYPTO_malloc_debug_init > macros. > With input from miod@ > ok beck@ bcook@ miod@ (jsing@) ~ src/crypto/crypto.h > Put OPENSSL_cleanse under #ifndef LIBRESSL_INTERNAL. (jsing@) ~ src/ssl/d1_both.c ~ src/ssl/d1_clnt.c ~ src/ssl/d1_lib.c ~ src/ssl/d1_pkt.c ~ src/ssl/d1_srvr.c ~ src/ssl/dtls1.h ~ src/ssl/s3_srvr.c ~ src/ssl/ssl.h ~ src/ssl/ssl_lib.c ~ src/ssl/ssl_sess.c > Remove support for DTLS_BAD_VER. We do not support non-standard and > incomplete implementations just so that we can interoperate with products > from vendors who have not bothered to fix things in the last ~10 years. > ok bcook@ miod@ (jsing@) ~ src/doc/ssl/ssl.3 > delete empty SYNOPSIS section (schwarze@) ~ src/crypto/dsa/dsa_ameth.c > When loading a DSA key from an raw (without DH parameters) ASN.1 > serialization, > perform some consistency checks on its `p' and `q' values, and return an > error if the checks failed. > Thanks for Georgi Guninski (guninski at guninski dot com) for mentioning > the possibility of a weak (non prime) q value and providing a test case. > See https://cpunks.org/pipermail/cypherpunks/2015-September/009007.html > for a longer discussion. > ok bcook@ beck@ (miod@) libtls ~ tls.h ~ tls_config.c ~ tls_init.3 ~ tls_internal.h ~ tls_server.c > Add support for preferring the server's cipher list or the client's cipher > list. Prefer the server's cipher list by default. > Based on a diff from Kyle Thompson <jmp at giga dot moe>. > ok beck@ bcook@ (jsing@) ~ Makefile > add MLINKS for _prefer_ciphers_* (jmc@) ~ shlib_version > bump major > ok jsing@ (beck@) ~ tls.c ~ tls.h > change TLS_READ_AGAIN to TLS_WANT_POLLIN and TLS_WRITE_AGAIN to > TLS_WANT_POLLOUT > to make it more clear to users of this api what needs to be done in these > error > cases. > Discussed extensively with bluhm@ and jsing@ and others. > ok jsing@ (beck@) ~ tls.c ~ tls.h > Change tls_read and tls_write semantics to return an ssize_t to better > match read() and write() semantics to make porting existing code using > read/write easier.. requested by bluhm@ who convinced jsing and I to break > the api > ok jsing@ bluhm@ (beck@) ~ tls.c ~ tls.h ~ tls_client.c ~ tls_internal.h ~ tls_server.c > Split tls_handshake() out from tls_accept/tls_connect. By doing this the > tls_accept/tls_connect functions can be guaranteed to succeed or fail and > will no longer return TLS_READ_AGAIN/TLS_WRITE_AGAIN. This also resolves > the semantics of tls_accept_*. > The tls_handshake() function now does I/O and can return > TLS_READ_AGAIN/TLS_WRITE_AGAIN. Calls to tls_read() and tls_write() will > trigger the handshake if it has not already completed, meaning that in many > cases existing code will continue to work. > Discussed over many coffees at l2k15. > ok beck@ bluhm@ (jsing@) ~ tls.c ~ tls_init.3 > comment for errno clobbering, to indicate why we do this. > ok deraadt@ jsing@ (beck@) ~ tls_init.3 > revert accidental commit (beck@) ~ tls_init.3 > Update libtls man page to reflect tls_handshake() related changes. > ok beck@ (jsing@) ~ tls_init.3 > Replace TLS_{READ,WRITE}_AGAIN with TLS_WANT_POLL{IN,OUT} and correctly > document the calling requirements. > ok beck@ (jsing@) ~ tls_init.3 > Correctly document the behaviour of tls_close() - the caller is responsible > for closing the file descriptors unless libtls allocated them. > ok beck@ (jsing@) ~ tls_init.3 > tweak previous; (jmc@) ~ Makefile > mlink tls_handshake; (jmc@) ~ tls_init.3 > document changed tls_read and tls_write semantics. > document functions that clear errno. > change examples to provide demonstration of both the blocking and > non-blocking cases. > ok jsing@, bluhm@ (beck@) ~ Makefile ~ tls_init.3 > document client side certificate verification functionality. > ok jsing@ (beck@) ~ tls_init.3 > improve examples, > 1. hoist pollfd fields which don't change upwards > 2. show ret as ssize_t, it MUST BE, or there will be lots of crying > 3. on first pass, must check for either POLLIN|POLLOUT > ok millert beck (deraadt@) ~ tls.c > Call tls_set_errorx() instead of tls_set_error() in > tls_configure_ssl_verify(). Also tweak an error message and unwrap a line. > (jsing@) libutil ~ getrawpartition.3 ~ opendisk.3 > reduce .Nd to one line and kill .Tn while here (schwarze@) ~ login_fbtab.3 > reduce more .Nd to one line and kill more .Tn (schwarze@) libz ~ compress.3 > use .In rather than .Fd #include (schwarze@) == libexec =========================================================== 07/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/libexec spamd ~ spamd.c > fix after libtls api changes > ok jsing@ (beck@) ~ spamd.c > read, tls_read, and tls_write return ssize_t > jointly with jsing@ (beck@) == regress =========================================================== 08/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress sys ~ kern/tame/sigabrt/sigabrt.c ~ kern/tame/sigkill/sigkill.c > convert tame(2) regress to new API (semarie@) ~ kern/tame/Makefile > enable generic regress for tame(2) (semarie@) - kern/tame/generic/parse_tame.c ~ kern/tame/generic/Makefile ~ kern/tame/generic/actions.c ~ kern/tame/generic/main.c ~ kern/tame/generic/manager.c ~ kern/tame/generic/tests.out > convert tame(2) regress to new API (semarie@) usr.sbin ~ syslogd/args-bufsize-sendsyslog.pl ~ syslogd/args-bufsize-udp.pl ~ syslogd/args-bufsize-unix.pl ~ syslogd/args-server-tls-tcp.pl ~ syslogd/args-tls-cafile-default.pl ~ syslogd/args-tls-cafile-empty.pl ~ syslogd/args-tls-cafile-fake.pl ~ syslogd/args-tls-cafile-noexist.pl ~ syslogd/args-tls-cafile-toobig.pl ~ syslogd/args-tls-cipher-null.pl > Grep for new error messages about tls_connect_socket. Libtls now > reports handshake failed. Make bufsize tests more reliable. (bluhm@) == sbin ============================================================== 09/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin disklabel ~ disklabel.5 > use .In rather than .Fd #include (schwarze@) fsck_ext2fs ~ setup.c > avoid divide by zero; from Michael McConville (deraadt@) nfsd ~ nfsd.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) == share ============================================================= 10/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man4/man4.alpha/cia.4 ~ man4/man4.alpha/irongate.4 ~ man4/man4.alpha/lca.4 ~ man4/man4.alpha/tcasic.4 ~ man4/man4.alpha/tsc.4 ~ man4/man4.hppa/asp.4 ~ man4/man4.hppa/lasi.4 ~ man4/it.4 ~ man4/pgt.4 ~ man4/puc.4 ~ man4/upgt.4 ~ man4/we.4 ~ man4/man4.sparc/rfx.4 ~ man4/man4.vax/asc.4 ~ man4/man4.vax/dhu.4 ~ man4/man4.vax/dz.4 ~ man4/man4.vax/mt.4 ~ man4/man4.vax/mtc.4 ~ man4/man4.vax/ncr.4 ~ man4/man4.vax/rx.4 ~ man4/man4.vax/uda.4 ~ man8/release.8 ~ man8/man8.sparc/boot_sparc.8 ~ man9/log.9 > reduce .Nd to one line and kill .Tn while here (schwarze@) ~ man4/man4.sparc64/rfx.4 > reduce more .Nd to one line and kill more .Tn (schwarze@) ~ man9/bus_space.9 ~ man9/ml_init.9 > delete bogus trailing comma from .Nm in NAME section (schwarze@) ~ man4/diskmap.4 ~ man4/divert.4 ~ man4/icmp.4 ~ man4/ifmedia.4 ~ man4/inet.4 ~ man4/inet6.4 ~ man4/ip.4 ~ man4/mtio.4 ~ man4/netintro.4 ~ man4/random.4 ~ man4/route.4 ~ man4/tcp.4 ~ man4/termios.4 ~ man4/tty.4 ~ man4/udp.4 ~ man4/unix.4 ~ man4/man4.macppc/openprom.4 ~ man4/man4.sparc/openprom.4 ~ man4/man4.sparc64/openprom.4 ~ man5/acct.5 ~ man5/ar.5 ~ man5/core.5 ~ man5/dir.5 ~ man5/disktab.5 ~ man5/elf.5 ~ man5/fs.5 ~ man5/fstab.5 ~ man5/ranlib.5 ~ man5/utmp.5 > use .In rather than .Fd #include (schwarze@) ~ man7/environ.7 > use .Vt for extern variables in the SYNOPSIS, not .Ar (schwarze@) == sys =============================================================== 11/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/amd64 ~ disksubr.c > Call readgptlabel() from readdoslabel() instead of MD readdisklabel(). > Call it if and only if there is an MBR on sector 0 that contains 1 > and only 1 partition; that partition is an EFI partition; and it > covers the entire disk or as much of the disk as can be covered in > an MBR partition. > Be paranoid about restoring any possible tweaks to the label being > built in the case that readgptlabel() fails, and in that case return > to the readdoslabel() code. > ok deraadt@ (krw@) arch/amd64/conf ~ GENERIC > Now that the GPT code tries really hard not to get in the way and > accidentally capture disks ... > Eliminate kernel option GPT and associated #ifdef GPT/#endif. Let > everybody get on the GPT bandwagon and we'll see what wheels fly > off. > Requested by & ok deraadt@ (krw@) arch/amd64/stand/biosboot ~ biosboot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/amd64/stand/boot ~ boot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/amd64/stand/cdboot ~ cdboot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/armish/stand/boot ~ boot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/hppa/stand/boot ~ boot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/hppa64/stand/boot ~ boot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/i386/conf ~ GENERIC > Now that the GPT code tries really hard not to get in the way and > accidentally capture disks ... > Eliminate kernel option GPT and associated #ifdef GPT/#endif. Let > everybody get on the GPT bandwagon and we'll see what wheels fly > off. > Requested by & ok deraadt@ (krw@) arch/i386/i386 ~ disksubr.c > Call readgptlabel() from readdoslabel() instead of MD readdisklabel(). > Call it if and only if there is an MBR on sector 0 that contains 1 > and only 1 partition; that partition is an EFI partition; and it > covers the entire disk or as much of the disk as can be covered in > an MBR partition. > Be paranoid about restoring any possible tweaks to the label being > built in the case that readgptlabel() fails, and in that case return > to the readdoslabel() code. > ok deraadt@ (krw@) arch/i386/stand/biosboot ~ biosboot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/i386/stand/boot ~ boot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/i386/stand/cdboot ~ cdboot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/landisk/stand/boot ~ boot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/landisk/stand/mbr ~ mbr.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/landisk/stand/xxboot ~ xxboot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/mips64/mips64 ~ fp_emulate.c > Initialize `pc' earlier so that the siginfo pc value is correct in case of > genuine FPU exception. (miod@) arch/sh/sh ~ trap.c > Fix error value in ktrace syscall records. ok deraadt@ dlg@ guenther@ > (miod@) arch/socppc/stand/boot ~ boot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) arch/sparc/dev ~ zx.c > Fix a zx_putchar() stupid bug I introduced nine years ago by actually > initializing variables before they get used. (miod@) arch/zaurus/stand/zboot ~ boot.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) conf ~ files > Now that the GPT code tries really hard not to get in the way and > accidentally capture disks ... > Eliminate kernel option GPT and associated #ifdef GPT/#endif. Let > everybody get on the GPT bandwagon and we'll see what wheels fly > off. > Requested by & ok deraadt@ (krw@) ~ files > GPT requires crc32 unconditionally, for (size-constrained) install > media which lack ppp/crypto/etc. Include the libz one. If this > becomes a size issue later, krw has a tiny crc32 to use instead. > ok krw (deraadt@) dev/ic ~ gemvar.h > remove unused macro GEM_CURRENT_MEDIA; ok dlg@ mpi@ (stsp@) dev/pci ~ pci.c > simple size for free() (deraadt@) ~ ppb.c > PPB_EXNAMLEN for the extent name; now easier to pass as a size for free() > (deraadt@) ~ arc.c ~ hifn7751.c ~ if_bnx.c ~ ips.c ~ pciide.c ~ pciidevar.h ~ vmwpvs.c ~ yds.c > sizes for free(); ok sthen (deraadt@) dev/sbus ~ zx.c > Fix a zx_putchar() stupid bug I introduced nine years ago by actually > initializing variables before they get used. (miod@) dev/usb ~ if_urtwn.c > Show usb stack error code if a firmware page fails to load in urtwn(4). > ok mpi@ (stsp@) dev/wscons ~ wsevent.c ~ wseventvar.h ~ wskbd.c ~ wsmouse.c ~ wsmux.c > kqueue(2) support for wsmouse(4), wskbd(4) and wsmux(4). > Needed for libinput port. > ok guenther@, miod@ (mpi@) kern ~ subr_disk.c > Don't stop spoofing GPT partitions when the OpenBSD partition is > found. Keep going until we spoof 8 or run out of partitions needing > spoofing. (krw@) ~ subr_disk.c > Call readgptlabel() from readdoslabel() instead of MD readdisklabel(). > Call it if and only if there is an MBR on sector 0 that contains 1 > and only 1 partition; that partition is an EFI partition; and it > covers the entire disk or as much of the disk as can be covered in > an MBR partition. > Be paranoid about restoring any possible tweaks to the label being > built in the case that readgptlabel() fails, and in that case return > to the readdoslabel() code. > ok deraadt@ (krw@) ~ subr_disk.c > Now that the GPT code tries really hard not to get in the way and > accidentally capture disks ... > Eliminate kernel option GPT and associated #ifdef GPT/#endif. Let > everybody get on the GPT bandwagon and we'll see what wheels fly > off. > Requested by & ok deraadt@ (krw@) ~ exec_script.c ~ kern_sysctl.c > sizes for free(); ok sthen (deraadt@) net ~ if.c > only try and reference an ifp in if_get if we actually find one in > the map. > avoids a NULL deref jsg@ found (dlg@) ~ pf.c ~ pf_norm.c > Kill two simple in6_ifstat_inc(). (mpi@) ~ route.c > Use rtfree(9) rather than decrementing the reference counter. > We know the parent wont be freed at this point because cloned > routes are always purged from the tree before parents. > ok claudio@ (mpi@) ~ if.c ~ if_bridge.c ~ if_ethersubr.c ~ if_mpw.c ~ if_trunk.c ~ if_trunk.h ~ if_var.h ~ if_vlan.c > move the if input handler list to an SRP list. > instead of having every driver that manipulates the ifih list > understand SRPLs, this moves that processing into if_ih_insert and > if_ih_remove functions. > we rely on the kernel lock to serialise the modifications to the > list. > tested by mpi@ > ok mpi@ claudio@ mikeb@ (dlg@) ~ if.c > if_put after if_get in if_input_process (dlg@) ~ route.c > Stop supporting RTAX_IFP arguments with an interface name in the > sdl_data field, a la link_addr(3). > route(8)-like applications wanting to specify an ifp must set sdl_index > to the corresponding interface index. > Not mixing if_get() and ifunit() makes our life easier. The idea is to > have a minimum number of functions dealing w/ ifp refcount. Hopefully > if_get() will be the only one. > ok mikeb@, claudio@, dlg@ (mpi@) ~ if_var.h > include srp.h so userland can understand struct srpl. > noticed by deraadt@ (dlg@) ~ if_bridge.c > Even the driver that should not be named needs if_put() after if_get(). > ok claudio@, dlg@ (mpi@) ~ if.c ~ if_bridge.c ~ if_ethersubr.c ~ if_mpw.c ~ if_trunk.c ~ if_var.h ~ if_vlan.c > pass a cookie argument to interface input handlers that can be used > to pass additional context or transient data with the similar life > time. > ok mpi, suggestions, hand holding and ok from dlg (mikeb@) ~ if_vlan.c > if_put after if_get > ok claudio@ (dlg@) ~ route.c > if_put after if_get > easy now that mpi@ has removed the ifunit confusion. > ok mpi@ claudio@ (dlg@) ~ if_tun.c > dont leak an ifp reference if tun isnt ready to read. > found by jsg@ (dlg@) ~ pipex.c > It is time to put inet6 on a diet. Use the flensing knife and cut out > the 3rd argument of in6_recoverscope() and make it return void. > OK dlg@ mikeb@ (claudio@) ~ if.c ~ if_var.h > rework how we store and manage the interface index to ifp map in > preparation of using SRPs as a backend for if_get. > this also tries to document how things work and what if index 0 is for. > ok mpi@ claudio@ (dlg@) netinet ~ if_ether.h > Missing prototype change in previous. (mpi@) ~ tcp_input.c > if_put added to the if_get calls. Reshuffle some code to make this easier. > OK dlg@ (claudio@) ~ ip_icmp.c > if_put after if_get in icmp input. > instead of chasing all the ways out of icmp_input, rename it to > icmp_input_if and call it from a wrapper that gets the ifp and puts > it after icmp_input_if call. > ok claudio@ (dlg@) ~ igmp.c > move the guts of igmp_input into a igmp_input_if function and call > it with the reference from if_get held so we can if_put it easly > after the guts have run. > ok claudio@ (dlg@) ~ if_ether.c > correctly hold and put a reference to the revarp ifp while trying > to get nfs working. > ok claudio@ (dlg@) ~ ip_carp.c > move the if input handler list to an SRP list. > instead of having every driver that manipulates the ifih list > understand SRPLs, this moves that processing into if_ih_insert and > if_ih_remove functions. > we rely on the kernel lock to serialise the modifications to the > list. > tested by mpi@ > ok mpi@ claudio@ mikeb@ (dlg@) ~ tcp_input.c > Only half of the IPv6 source address was used as input for the syn > cache hash. That makes it trivial to create syn cache collisions. > Take the full address, xor it with random data and put it into the > hash function. > OK markus@ (bluhm@) ~ ip_carp.c > if_put after if_get. > ok claudio@ (dlg@) ~ ip_carp.c > pass a cookie argument to interface input handlers that can be used > to pass additional context or transient data with the similar life > time. > ok mpi, suggestions, hand holding and ok from dlg (mikeb@) ~ ip_spd.c ~ ipsec_input.c ~ udp_usrreq.c > It is time to put inet6 on a diet. Use the flensing knife and cut out > the 3rd argument of in6_recoverscope() and make it return void. > OK dlg@ mikeb@ (claudio@) netinet6 ~ in6.c > Trivial if_put addition. OK dlg@ (claudio@) ~ ip6_divert.c > Another trivial if_put addition. OK dlg@ (claudio@) ~ ip6_mroute.c > More complicated if_put dance. Special handling for multicast_register_if > which is probably not even needed here but who knows for sure. > OK dlg@ (claudio@) ~ mld6.c > More if_put suffling. OK dlg@ (claudio@) ~ ip6_output.c > Stop using in6_ifstat_inc(). > ok dlg@, claudio@ (mpi@) ~ ip6_forward.c ~ ip6_input.c > Fewer in6_ifstat_inc() > ok mikeb@ (mpi@) ~ nd6_rtr.c > if_put dance, shuffle some code and switch a printf to print the ifindex > instead of the name so we don't have to if_get/if_put it for just that. > OK dlg@ (claudio@) ~ in6.c > In IPv6 source address selection prefer addresses of the outgoing > interface. > OK mpi@ (bluhm@) ~ frag6.c ~ in6.c ~ in6_var.h > Kill in6_ifstat_inc() and associated per-ifp storage. > The SIOCGIFSTAT_IN6 is no longer supported. > ok mikeb@, claudio@, dlg@ (mpi@) ~ icmp6.c ~ in6.h ~ in6_pcb.c ~ in6_src.c ~ nd6.c ~ raw_ip6.c > It is time to put inet6 on a diet. Use the flensing knife and cut out > the 3rd argument of in6_recoverscope() and make it return void. > OK dlg@ mikeb@ (claudio@) sys ~ disklabel.h > Now that the GPT code tries really hard not to get in the way and > accidentally capture disks ... > Eliminate kernel option GPT and associated #ifdef GPT/#endif. Let > everybody get on the GPT bandwagon and we'll see what wheels fly > off. > Requested by & ok deraadt@ (krw@) ~ conf.h > kqueue(2) support for wsmouse(4), wskbd(4) and wsmux(4). > Needed for libinput port. > ok guenther@, miod@ (mpi@) == usr.bin =========================================================== 12/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin bgplg ~ bgplg.8 ~ bgplgsh.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) ftp ~ fetch.c > fix after libtls api changes > ok jsing@ (beck@) ~ fetch.c > Unbreak ftp(1) after tls_read()/tls_write() change. > Found the hard way by naddy@ > Joint work with beck@ (jsing@) openssl ~ ca.c ~ gendsa.c > Remove unused defines. No binary change. > ok deraadt@ miod@ (lteo@) ~ s_socket.c > Remove SOCKET_PROTOCOL, a redundant define that was only used once. > No binary change. > ok millert@ miod@ (lteo@) ~ s_apps.h ~ s_cb.c ~ s_client.c ~ s_time.c > Fix shadowed verify_error in s_server by removing the unused global. > 's_time -verify 1' will now actually verify the peer certificate. > ok beck@ (bcook@) ~ apps.c ~ ca.c ~ dgst.c ~ enc.c ~ s_client.c ~ s_server.c > Correct spelling of OPENSSL_cleanse. (jsing@) ~ openssl.c > Remove call to CRYPTO_malloc_init(), which does nothing. (jsing@) ~ s_cb.c > Nuke references to DTLS1_BAD_VER and unbreak the tree. (jsing@) tmux ~ cmd-attach-session.c ~ cmd-new-session.c ~ cmd-switch-client.c ~ format.c ~ server-fn.c ~ tmux.1 ~ tmux.h > Add session_last_attached time and format, from Sina Siadat. (nicm@) == usr.sbin ========================================================== 13/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin dev_mkdb ~ dev_mkdb.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) httpd ~ server.c > Update httpd to call tls_handshake() after tls_accept_socket(). > ok beck@ (jsing@) ~ server.c > fix after libtls api changes > ok jsing@ (beck@) ~ server.c > fix return type for tls_read/write > jointly with jsing@ (beck@) inetd ~ inetd.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) installboot ~ installboot.c > Assign the return value of getopt() to an int, not a char, so that options > actually work on unsigned char platforms. (miod@) mailwrapper ~ mailer.conf.5 > reduce .Nd to one line and kill .Tn while here (schwarze@) netgroup_mkdb ~ Makefile ~ netgroup_mkdb.c + stringlist.c + stringlist.h > Hide netgroup internals inside libc. The parts that netgroup_mkdb > wants to use, well.... copy them there. > ok guenther (deraadt@) nsd - compat/b64_ntop.c - compat/b64_pton.c > Remove compat files no longer required. (sthen@) ~ configparser.y ~ configure.ac ~ options.c ~ rdata.c ~ zonec.c ~ compat/b64_ntop.c ~ compat/b64_pton.c > Fix handling of compat/b64_{ntop,pton} by using __-prefixed versions > directly, > similar to what ssh does. Otherwise they need resolv.h including, which > causes > problems on OS with newer resolv.h/nameser.h headers which cause conflicts > with > NSD's T_xxx resource record #defines. autoconf bits adapted from tmux > portable. > ok florian@ (sthen@) ~ configure > regen configure, reported by deraadt@ (sthen@) ntpd ~ constraint.c > fix after libtls api changes > ok jsing@ (beck@) ~ constraint.c > fix type and return check for tls_read/write. > jontly with jsing@ (beck@) pkg_add ~ package.5 > reduce .Nd to one line and kill .Tn while here (schwarze@) portmap ~ portmap.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) route6d ~ route6d.8 > delete obsolete .Bk from the SYNOPSIS > and delete some useless .No while here (schwarze@) smtpd ~ sendmail.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) syslogd ~ evbuffer_tls.c > Make syslogd compile again after recent libtls changes. Adapt to > new tls_read() and tls_write() calling semantics, adapt to > TLS_WANT_POLLIN and TLS_WANT_POLLOUT renaming. > OK beck@ (bluhm@) ~ syslog.conf.5 > reduce .Nd to one line and kill .Tn while here (schwarze@) ~ evbuffer_tls.c ~ evbuffer_tls.h ~ syslogd.c > Convert syslogd TLS connect to use handshake callback. The bt_hostname > can go away as the callback does not need the hostname anymore. > Call tls_handshake() until successful. Remove the function > tls_socket() as it has a bad prefix. Just call tls_client(), > tls_configure() and tls_connect_socket() after the TCP socket has > been created. There is no need to wait until TCP connect has > finished. > OK beck@ jsing@ (bluhm@) ~ syslogd.c > Instead of having global variables containing the libevent structures, > allocate them with malloc. This makes the address space layout > more random. > OK deraadt@ benno@ (bluhm@) ypserv ~ ypserv/securenet.5 ~ ypserv/ypserv.acl.5 > reduce .Nd to one line and kill .Tn while here (schwarze@) ypset ~ ypset.8 > reduce .Nd to one line and kill .Tn while here (schwarze@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
