OpenBSD src changes summary for 2015-10-25 ==========================================
bin/ed bin/ps distrib/amd64 distrib/armish distrib/i386 distrib/landisk distrib/macppc distrib/sets distrib/socppc distrib/zaurus games/quiz lib/libc lib/libssl libexec/ftpd libexec/login_chpass libexec/login_lchpass regress/lib regress/sbin sbin/ping6 sbin/route share/man sys/arch/i386/conf sys/arch/macppc/dev sys/arch/octeon/dev sys/arch/sgi/dev sys/arch/sgi/hpc sys/arch/socppc/dev sys/arch/sparc/dev sys/arch/sparc64/dev sys/dev/ic sys/dev/isa sys/dev/pci sys/dev/pcmcia sys/dev/sbus sys/dev/usb sys/kern sys/net sys/netinet sys/netinet6 sys/sys usr.bin/ctags usr.bin/head usr.bin/kdump usr.bin/ktrace usr.bin/passwd usr.bin/sed usr.bin/ssh usr.bin/tail usr.bin/telnet usr.bin/tmux usr.bin/top usr.sbin/bgpctl usr.sbin/bgpd usr.sbin/bind usr.sbin/cron usr.sbin/dvmrpctl usr.sbin/eigrpd usr.sbin/installboot usr.sbin/ndp usr.sbin/ntpd usr.sbin/route6d usr.sbin/rtadvd usr.sbin/tcpdump == bin =============================================================== 01/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin ed ~ main.c > POSIX says that you can't capture the return value of sigsetjmp(). > Fortunately, we don't need it as we only pass siglongjmp() a single value. > ok deraadt@ (guenther@) ps ~ ps.c > need "getpw" pledge; spotted by matthieu (deraadt@) ~ print.c > strvis directory names in ps > OK stsp@ (czarkoff@) == distrib =========================================================== 02/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib amd64 ~ common/install.md > Use 'fdisk -i', instead of 'fdisk -e' with a here document of > 'reinit;update;write;quit'. They've done the same thing for some > time now. > Tweaks & test from rpe@. > ok rpe@ deraadt@ (krw@) armish ~ ramdisk/install.md > Use 'fdisk -i', instead of 'fdisk -e' with a here document of > 'reinit;update;write;quit'. They've done the same thing for some > time now. > Tweaks & test from rpe@. > ok rpe@ deraadt@ (krw@) i386 ~ common/install.md > Use 'fdisk -i', instead of 'fdisk -e' with a here document of > 'reinit;update;write;quit'. They've done the same thing for some > time now. > Tweaks & test from rpe@. > ok rpe@ deraadt@ (krw@) landisk ~ ramdisk/install.md > Use 'fdisk -i', instead of 'fdisk -e' with a here document of > 'reinit;update;write;quit'. They've done the same thing for some > time now. > Tweaks & test from rpe@. > ok rpe@ deraadt@ (krw@) macppc ~ ramdisk/install.md > Use 'fdisk -i', instead of 'fdisk -e' with a here document of > 'reinit;update;write;quit'. They've done the same thing for some > time now. > Tweaks & test from rpe@. > ok rpe@ deraadt@ (krw@) sets ~ lists/base/md.vax > sync (miod@) ~ lists/base/mi ~ lists/man/mi > sync (deraadt@) socppc ~ ramdisk/install.md > Use 'fdisk -i', instead of 'fdisk -e' with a here document of > 'reinit;update;write;quit'. They've done the same thing for some > time now. > Tweaks & test from rpe@. > ok rpe@ deraadt@ (krw@) zaurus ~ ramdisk/install.md > Use 'fdisk -i', instead of 'fdisk -e' with a here document of > 'reinit;update;write;quit'. They've done the same thing for some > time now. > Tweaks & test from rpe@. > ok rpe@ deraadt@ (krw@) == games ============================================================= 03/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/games quiz ~ quiz.c > just dump the help on stdout with messing about with a pager. > makes pledge much simpler. > from jan stary (tedu@) == lib =============================================================== 04/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libc ~ stdlib/abort.c ~ hidden/signal.h ~ gen/signal.c > Use sigaction() instead of signal() to avoid pulling in unnecessary > wrappers. To keep uses from crawling back in, mark signal() as > deprecated inside libc. > ok deraadt@ (guenther@) - nls/C.msg - nls/Pig.msg - nls/da.ISO8859-1.msg - nls/da.UTF-8.msg - nls/de.ISO8859-1.msg - nls/de.UTF-8.msg - nls/es.ISO8859-1.msg - nls/es.UTF-8.msg - nls/fi.ISO8859-1.msg - nls/fi.UTF-8.msg - nls/fr.ISO8859-1.msg - nls/fr.UTF-8.msg - nls/it.UTF-8.msg - nls/nl.ISO8859-1.msg - nls/nl.UTF-8.msg - nls/no.ISO8859-1.msg - nls/no.UTF-8.msg - nls/ru.KOI8-R.msg - nls/ru.UTF-8.msg - nls/sv.ISO8859-1.msg - nls/sv.UTF-8.msg ~ Makefile ~ Makefile.inc ~ string/strerror_r.c > The only thing that was translated into multiple languages in OpenBSD > are the errno messages and signal names. Everything else is in > English. We are not planning to translate more text. Running a > mixed system with less than 1% of the text in native language makes > no sense. So remove the NLS support from libc messages. The > catopen(3) functions stay as they are. > OK stsp@ mpi@ (bluhm@) ~ gen/disklabel.c > Nuke union of d_packname with un_d_boot0 & un_d_boot1, keeping > d_packname as a simple field. Also nuke the access #defines, and > support for b0 and b1 capabilities in disktab. > ok deraadt@ miod@ (krw@) ~ Symbols.list ~ hidden/stdlib.h ~ stdio/local.h ~ stdlib/atexit.c ~ stdlib/atexit.h > msg (guenther@) ~ sys/w_fork.c ~ stdlib/atexit.c > Move the _atfork_list definition to atexit.c so that the fork syscall stub > doesn't get pulled into all static executables > ok millert@ jca@ (guenther@) ~ gen/wait.c ~ gen/wait3.c ~ gen/waitpid.c + hidden/sys/wait.h > Wrap waitpid() so calls go direct; weaken wait() and wait3(). > Strip out unnecessary #includes and use NULL instead of (struct rusage *)0 > (guenther@) libssl ~ src/ssl/s23_srvr.c > Simplify ssl23_get_client_hello error handling. > ssl23_get_client_hello sets type=1 on error and continues processing. > It should return an error immediately to simplify things. This also > allows us to start removing the last of SSL_OP_NO_SSL*. > Added extra paranoia for s->version to make sure it is set properly. > ok jsing@ (doug@) ~ src/ssl/ssl_lib.c > Remove last vestige of SSL_OP_NO_SSLv3 support. > No part of LibreSSL checks for this flag any longer. > ok jsing@ (doug@) ~ src/ssl/ssl.h > Mark SSL_OP_NO_{COMPRESSION,SSLv2,SSLv3} as obsolete. > For backward compatibility, the flags are redefined as 0. > ok jsing@ (doug@) ~ src/ssl/ssl.h > Sort the obsolete flags. (doug@) == libexec =========================================================== 05/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/libexec ftpd ~ ftpcmd.y > unifdef some oldness. (BSD not defined since removal of param.h) > ok jca sthen (tedu@) ~ ftpd.8 ~ ftpd.c > No longer create /var/run/ftpd.pid in daemon mode; OK jung@ jca@ (millert@) login_chpass ~ login_chpass.c > No need to declare pwd_gensalt; it's unused and gone. > ok tedu@ (ajacoutot@) login_lchpass ~ login_lchpass.c > No need to declare pwd_gensalt; it's unused and gone. > ok tedu@ (ajacoutot@) == regress =========================================================== 06/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib ~ libc/atexit/atexit_test.c > Use dprintf() instead of fprintf() in the signal handler (guenther@) ~ libcrypto/asn1/asn1time.c > Missing initializer; spotted by coverity. (miod@) ~ libc/atexit/Makefile > msg (guenther@) ~ libssl/bytestring/bytestringtest.c > Change test to use length 128 (shortest long-form encoding). > From BoringSSL commit: d13a5e15d4e4eb51513be665306a2beba39869df (doug@) sbin ~ route/rttest3.ok ~ route/rttest5.ok ~ route/rttest6.ok ~ route/rttest8.ok > Sync after recent rtable_insert() change. (mpi@) == sbin ============================================================== 07/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin ping6 ~ ping6.c ~ ping6.8 > Implement ping(8)'s -L option in ping6: > Disable the loopback, so the transmitting host doesn't see the ICMP > requests. For multicast pings. > OK benno@ (florian@) ~ ping6.8 > tweak previous; (jmc@) ~ ping6.8 ~ ping6.c > IPV6_NEXTHOP is gone, remove -g option which used this. > kill it mpi@ (florian@) ~ ping6.c > remove prototype for removed pingerlen function. (florian@) ~ ping6.c > pr_bitrange() is unused, nuke it. (florian@) route ~ route.c > route flush cannot pledge before sysctl for NET_RT_DUMP; defer the act. > issue spotted by matthieu (deraadt@) == share ============================================================= 08/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man4/ip6.4 > Remove IPV6_NEXTHOP implementation. Source routing is considered to be > a bad idea these days. > kill it mpi@ > general agreement in the network hackers room at u2k15 (florian@) ~ man5/disktab.5 > 'b0' and 'b1' are no longer supported, so de-document them. (krw@) == sys =============================================================== 09/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/i386/conf ~ GENERIC > enable asmc(4) on i386 (jung@) arch/macppc/dev ~ if_bm.c ~ if_mc.c > arp_ifinit() is no longer needed. (mpi@) arch/octeon/dev ~ if_cnmac.c > arp_ifinit() is no longer needed. (mpi@) arch/sgi/dev ~ if_iec.c ~ if_mec.c > arp_ifinit() is no longer needed. (mpi@) arch/sgi/hpc ~ if_sq.c > arp_ifinit() is no longer needed. (mpi@) arch/socppc/dev ~ if_tsec.c > arp_ifinit() is no longer needed. (mpi@) arch/sparc/dev ~ be.c ~ hme.c ~ if_ie.c ~ qe.c > arp_ifinit() is no longer needed. (mpi@) arch/sparc64/dev ~ vnet.c > arp_ifinit() is no longer needed. (mpi@) dev/ic ~ acx.c ~ aic6915.c ~ an.c ~ ath.c ~ athn.c ~ atw.c ~ bwi.c ~ dc.c ~ dp8390.c ~ elink3.c ~ fxp.c ~ gem.c ~ hme.c ~ i82596.c ~ if_wi.c ~ lance.c ~ lemac.c ~ malo.c ~ mtd8xx.c ~ pgt.c ~ re.c ~ rt2560.c ~ rt2661.c ~ rt2860.c ~ rtl81x9.c ~ rtw.c ~ smc83c170.c ~ smc91cxx.c ~ ti.c ~ xl.c > arp_ifinit() is no longer needed. (mpi@) dev/isa ~ if_ef_isapnp.c ~ if_eg.c ~ if_el.c ~ if_ex.c ~ if_ie.c > arp_ifinit() is no longer needed and almost dead. (mpi@) ~ asmc.c > refactor to use a taskq and postpone the long running initial sensor > probing, > also avoid excessive tsleep()s for updates within the sensor task, > moreover this should fix some seldom seen 'comm collision' errors (jung@) dev/pci ~ if_age.c ~ if_alc.c ~ if_ale.c ~ if_bce.c ~ if_bge.c ~ if_bnx.c ~ if_cas.c ~ if_de.c ~ if_em.c ~ if_et.c ~ if_ipw.c ~ if_iwi.c ~ if_iwm.c ~ if_iwn.c ~ if_ix.c ~ if_ixgb.c ~ if_jme.c ~ if_lge.c ~ if_lii.c ~ if_msk.c ~ if_myx.c ~ if_nep.c ~ if_nfe.c ~ if_nge.c ~ if_nxe.c ~ if_oce.c ~ if_pcn.c ~ if_rtwn.c ~ if_se.c ~ if_sis.c ~ if_sk.c ~ if_ste.c ~ if_stge.c ~ if_tht.c ~ if_tl.c ~ if_txp.c ~ if_vge.c ~ if_vic.c ~ if_vio.c ~ if_vmx.c ~ if_vr.c ~ if_vte.c ~ if_wb.c ~ if_wpi.c ~ if_xge.c > arp_ifinit() is no longer needed. (mpi@) dev/pcmcia ~ if_cnw.c ~ if_malo.c ~ if_xe.c > arp_ifinit() is no longer needed and almost dead. (mpi@) dev/sbus ~ be.c ~ qe.c > arp_ifinit() is no longer needed and almost dead. (mpi@) dev/usb ~ if_athn_usb.c ~ if_atu.c ~ if_aue.c ~ if_axe.c ~ if_axen.c ~ if_cdce.c ~ if_cdcef.c ~ if_cue.c ~ if_kue.c ~ if_mos.c ~ if_otus.c ~ if_ral.c ~ if_rsu.c ~ if_rum.c ~ if_run.c ~ if_smsc.c ~ if_uath.c ~ if_udav.c ~ if_ugl.c ~ if_upgt.c ~ if_url.c ~ if_urndis.c ~ if_urtw.c ~ if_urtwn.c ~ if_zyd.c > arp_ifinit() is no longer needed. (mpi@) kern ~ kern_pledge.c > Allow getsockopt(IP_OPTIONS) (with inet), needed by portmap (for RPC). > ok deraadt (nicm@) ~ kern_pledge.c > For SYS_open let the /dev/null special case match if any TMN_RPATH, > TMN_WPATH or both are set in p_pledgenote. Matches the style used > for /dev/tty special cases (among others). From deraadt@ (millert@) ~ kern_pledge.c > ps(1) needs sysctl KERN_PROC_CWD exposed as well in the pledge "ps" set. > hit by czarkoff (deraadt@) ~ kern_pledge.c > reorder some checks in pledge_namei() in order to properly work. > mainly move read/write whitelisted paths that should be *before* checking > if > you have PLEDGE_WPATH. > with and ok deraadt@ (semarie@) ~ kern_pledge.c ~ uipc_syscalls.c > pledge_sockopt_check is shared between setsockopt/getsockopt. nicm > found the first case of "get allowed, set not allowed". Tiny > refactoring of that. (deraadt@) ~ kern_exec.c ~ kern_ktrace.c ~ kern_pledge.c ~ kern_sig.c ~ kern_sysctl.c ~ uipc_syscalls.c ~ uipc_usrreq.c ~ vfs_syscalls.c > Fold "malloc" into "stdio" and -- recognizing that no program so far has > used less than "stdio" -- include all the "self" operations. Instead of > different defines, use regular PLEDGE_* in the "p_pledgenote" variable > (which indicates the operation subtype a system call is performing). Many > checks before easier to understand. p_pledgenote can often be passed > directly to ktrace, so that kdump says: > 15565 test CALL pledge(0xa9a3f804c51,0) > 15565 test STRU pledge request="stdio" > 15565 test RET pledge 0 > 15565 test CALL open(0xa9a3f804c57,0x2<O_RDWR>) > 15565 test NAMI "/tmp/testfile" > 15565 test PLDG open, "wpath", errno 1 Operation not permitted > with help from semarie, ok guenther (deraadt@) net ~ route.c ~ route.h ~ rtsock.c > Instead of doing the the if_get() dance for rt_missmsg(), change the > function to take an interface index. > discussed with mpi@; OK claudio@ (bluhm@) ~ if.c ~ if_ethersubr.c ~ if_gif.c ~ if_gre.c ~ if_loop.c ~ if_ppp.c ~ if_pppoe.c ~ if_pppx.c ~ if_spppsubr.c ~ if_tun.c ~ if_var.h ~ route.c ~ rtsock.c > Introduce if_rtrequest() the successor of ifa_rtrequest(). > L2 resolution depends on the protocol (encoded in the route entry) and > an ``ifp''. Not having to care about an ``ifa'' makes our life easier > in our MP effort. Fewer dependencies between data structures implies > fewer headaches. > Discussed with bluhm@, ok claudio@ (mpi@) ~ if.c ~ if_pair.c ~ if_trunk.c ~ if_tun.c ~ if_vether.c ~ if_vlan.c ~ if_vxlan.c > arp_ifinit() is no longer required. (mpi@) ~ if_pair.c > ifa is no longer used. (mpi@) ~ if.c > Do not overwrite if_rtrequest() if the driver specified it *before* > calling if_attach(). (mpi@) ~ rtsock.c > Be more consisten with rtmsgs. Always set rtm_index (even in the RTM_GET > case) and always set rtm_pid to the pid of the requestor (even in the > sysctl code path). > OK mpi@ (claudio@) ~ route.c ~ rtable.c ~ rtable.h > Merge rtable_mpath_conflict() into rtable_insert(). > ok claudio@ (mpi@) ~ route.c > Simple sizes for free(9). > ok claudio@ (mpi@) ~ route.c > I should not have committed this chunk. Spotted by krw@ (mpi@) ~ if.c > unbreak tree for ramdisks without INET6 (deraadt@) netinet ~ in_pcb.c > Instead of doing the the if_get() dance for rt_missmsg(), change the > function to take an interface index. > discussed with mpi@; OK claudio@ (bluhm@) ~ if_ether.c ~ if_ether.h ~ ip_carp.c > Introduce if_rtrequest() the successor of ifa_rtrequest(). > L2 resolution depends on the protocol (encoded in the route entry) and > an ``ifp''. Not having to care about an ``ifa'' makes our life easier > in our MP effort. Fewer dependencies between data structures implies > fewer headaches. > Discussed with bluhm@, ok claudio@ (mpi@) netinet6 ~ in6.c ~ nd6.c ~ nd6.h ~ nd6_rtr.c > Introduce if_rtrequest() the successor of ifa_rtrequest(). > L2 resolution depends on the protocol (encoded in the route entry) and > an ``ifp''. Not having to care about an ``ifa'' makes our life easier > in our MP effort. Fewer dependencies between data structures implies > fewer headaches. > Discussed with bluhm@, ok claudio@ (mpi@) ~ in6_src.c > Use the "modern" way to check if a route entry correspond to a local > address. > Fix a regression introduced when removing the lo0 hack. > ok florian@ (mpi@) ~ in6_src.c ~ ip6_output.c ~ ip6_var.h > Remove IPV6_NEXTHOP implementation. Source routing is considered to be > a bad idea these days. > kill it mpi@ > general agreement in the network hackers room at u2k15 (florian@) ~ ip6_forward.c ~ nd6.c > Trivial rt_ifp->if_index -> rt_ifidx conversions. (mpi@) ~ nd6.c > do not expose nd6 randomid's to userland via ioctl. > ok claudio mpi florian (deraadt@) ~ nd6_rtr.c > Put some comments in how nd6_rs_attach() works. > Requested by stsp (florian@) sys ~ disklabel.h > Nuke union of d_packname with un_d_boot0 & un_d_boot1, keeping > d_packname as a simple field. Also nuke the access #defines, and > support for b0 and b1 capabilities in disktab. > ok deraadt@ miod@ (krw@) ~ pledge.h > pledge_sockopt_check is shared between setsockopt/getsockopt. nicm > found the first case of "get allowed, set not allowed". Tiny > refactoring of that. (deraadt@) ~ ktrace.h ~ pledge.h ~ proc.h > Fold "malloc" into "stdio" and -- recognizing that no program so far has > used less than "stdio" -- include all the "self" operations. Instead of > different defines, use regular PLEDGE_* in the "p_pledgenote" variable > (which indicates the operation subtype a system call is performing). Many > checks before easier to understand. p_pledgenote can often be passed > directly to ktrace, so that kdump says: > 15565 test CALL pledge(0xa9a3f804c51,0) > 15565 test STRU pledge request="stdio" > 15565 test RET pledge 0 > 15565 test CALL open(0xa9a3f804c57,0x2<O_RDWR>) > 15565 test NAMI "/tmp/testfile" > 15565 test PLDG open, "wpath", errno 1 Operation not permitted > with help from semarie, ok guenther (deraadt@) == usr.bin =========================================================== 10/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin ctags ~ ctags.1 > Decapitalize yyparse tag name here. > okay jmc@ (zhuk@) head ~ head.1 > Unify & improve paragraphs talking about "==> file <==" headers in > head(1) and tail(1). > Input & okay from jmc@ (zhuk@) kdump ~ kdump.c > Fold "malloc" into "stdio" and -- recognizing that no program so far has > used less than "stdio" -- include all the "self" operations. Instead of > different defines, use regular PLEDGE_* in the "p_pledgenote" variable > (which indicates the operation subtype a system call is performing). Many > checks before easier to understand. p_pledgenote can often be passed > directly to ktrace, so that kdump says: > 15565 test CALL pledge(0xa9a3f804c51,0) > 15565 test STRU pledge request="stdio" > 15565 test RET pledge 0 > 15565 test CALL open(0xa9a3f804c57,0x2<O_RDWR>) > 15565 test NAMI "/tmp/testfile" > 15565 test PLDG open, "wpath", errno 1 Operation not permitted > with help from semarie, ok guenther (deraadt@) ktrace ~ ktrace.h > Fold "malloc" into "stdio" and -- recognizing that no program so far has > used less than "stdio" -- include all the "self" operations. Instead of > different defines, use regular PLEDGE_* in the "p_pledgenote" variable > (which indicates the operation subtype a system call is performing). Many > checks before easier to understand. p_pledgenote can often be passed > directly to ktrace, so that kdump says: > 15565 test CALL pledge(0xa9a3f804c51,0) > 15565 test STRU pledge request="stdio" > 15565 test RET pledge 0 > 15565 test CALL open(0xa9a3f804c57,0x2<O_RDWR>) > 15565 test NAMI "/tmp/testfile" > 15565 test PLDG open, "wpath", errno 1 Operation not permitted > with help from semarie, ok guenther (deraadt@) passwd ~ local_passwd.c ~ yp_passwd.c > No need to declare pwd_gensalt; it's unused and gone. > ok tedu@ (ajacoutot@) sed ~ main.c > Write error message instead of duplicated file name on error. > ok deraadt (tobias@) ssh ~ readconf.c > Do not prepend "exec" to the shell command run by "Match exec" in a config > file. It's an unnecessary optimization from repurposed ProxyCommand code > and prevents some things working with some shells. bz#2471, pointed out > by res at qoxp.net. ok markus@ (dtucker@) ~ ssh.c > Expand tildes in filenames passed to -i before checking whether or not the > identity file exists. This means that if the shell doesn't do the > expansion > (eg because the option and filename were given as a single argument) then > we'll still add the key. bz#2481, ok markus@ (dtucker@) tail ~ tail.1 > Unify & improve paragraphs talking about "==> file <==" headers in > head(1) and tail(1). > Input & okay from jmc@ (zhuk@) telnet ~ commands.c > Kill IP Source Route support, unusable since 1998. > ok sthen@ guenther@ mpi@ millert@ (jca@) ~ telnet.1 > We don't care about lack of source route support for IPv6. > ok sthen@ guenther@ mpi@ millert@ (jca@) ~ commands.c > Kill unused local var, and reorder while here. (jca@) tmux ~ tmux.c > Let's see if anyone screams about not being able to specify $TMPDIR > for their tmux sockets. > (Over the years, I have seen $TMPDIR set up worse than /tmp many times, > and don't know how this practice infected other parts of the system. > Nothing uses tmpdir(3), nor a huge-temporary-file program like sort.) > ok nicm (deraadt@) ~ format.c > Pass output from jobs through format_expand() so they are expanded again > (this was the previous behaviour). (nicm@) ~ cmd-choose-client.c ~ cmd-list-sessions.c ~ format.c ~ tmux.1 ~ tmux.h > Extend the modifiers allowed before formats: as well as the existing > #{=10:...} length limit, add #{t:...} to convert a time_t format to a > string, #{b:...} for basename and #{d:...} for dirname. Remove all the > foo_string time formats as they can now be replaced by "t:", for example > #{window_activity_string} becomes #{t:window_activity}. (nicm@) top ~ top.c > need "getpw" pledge; spotted by matthieu (deraadt@) == usr.sbin ========================================================== 11/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin bgpctl ~ bgpctl.8 > zap trailing whitespace; (jmc@) bgpd ~ rde.c > Only run the rib_dump_runner() if there is something pending and the > control socket has not many messages queued. (claudio@) ~ control.c ~ session.c ~ session.h > Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and > imsg_ctl_rde since these function should only be used by the control > code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs > don't need to queue behind all the incoming bgp UPDATES. This speeds > up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing > this since a very long time but it seems the SE was not adjusted. Yikes > (claudio@) bind ~ bin/dig/dig.1 ~ bin/dig/dig.c ~ bin/dig/host.c ~ bin/dig/nslookup.1 ~ bin/dig/nslookup.c ~ lib/isc/unix/net.c ~ lib/isc/unix/socket.c > pledge bind(1), dig(1), and nslookup(1). This modifies the underlying > ISC library to use socket(2) with the SOCK_DNS flag. As a result, the > port commands are disabled (such practice is rare in the wild these days, > and pretty incompatible with the DNS vs regular socket concept in pledge..) > ok bluhm phessler reyk, etc (deraadt@) cron ~ atrun.c ~ cron.c ~ do_command.c ~ misc.c > Remove cron.pid support. We still want to avoid multiple crons > running so verify that if the cron socket exists nothing is listening > on it. OK tedu@ (millert@) ~ pathnames.h > Remove PIDDIR and PIDFILE missed in previous commit. (millert@) dvmrpctl ~ dvmrpctl.c > pledge "route" no longer needed for if_indextoname & if_nametoindex > (deraadt@) eigrpd ~ rde_dual.c > Add a few more overflow protections in the DUAL state > machine. (renato@) ~ rde_dual.c > When converting the real bandwidth to the composite bandwidth, truncate > before applying the scaling factor. > When converting the composite bandwidth to the real bandwidth, apply > the scaling factor before the division and only then truncate. > This is to keep consistent with what Cisco does, the draft is unclear > on this point. (renato@) ~ kroute.c ~ interface.c ~ eigrpe.c > Fix some bugs in the detection of when an interface can be enabled. > (renato@) installboot ~ i386_installboot.c ~ i386_installboot.h ~ i386_softraid.c > Fix installboot(8) on i386/amd64 when softraid is on top of GPT. > ok krw deraadt (stsp@) ndp ~ ndp.c > pledge the main usage patterns similar to arp(8). Some akkorokamui > prevent doing this better, someone should try to refactor this more > like arp... also figure out what dawn-of-ipv6 options can be removed. > ok benno (deraadt@) ~ ndp.c > backout; many issues remain... (deraadt@) ntpd ~ ntp_dns.c > the DNS process was not discarding & redirecting stdin/out/err to > /dev/null. copy the code from the ntp engine. (deraadt@) route6d ~ Makefile ~ route6d.c > Another pidfile(3) removal; ok benno@ (jca@) ~ route6d.h > Kill unused ROUTE6D_CONF define. > Since 1999 no one has found the need to write support for a config file. > (jca@) ~ route6d.c > Rename allocopy() to xstrdup(), and make use of strdup(3). > No functional change. (jca@) ~ route6d.c > Sync surrounding code after reallocarray introduction. > No functional change. (jca@) ~ route6d.c > Those two functions take no parameters, thus /* ARGSUSED */ is meaningless. > No functional change. (jca@) ~ route6d.c > Plug memory leak introduced in r1.15. > No functional change. (jca@) ~ route6d.c > Correctly print size_t/time_t. > No functional change. (jca@) ~ route6d.c > hms() returns a pointer to static storage, annotate the return type with > "const" > No functional change. (jca@) rtadvd ~ Makefile ~ rtadvd.8 ~ rtadvd.c > Stop writing down a pidfile. > pid files aren't useful on OpenBSD, the rc.d(8) framework doesn't use > them. In rtadvd, not writing a pid file means that we can set tighter > pledge(2) settings. Also the pid file handling is pretty basic and the > atexit handler can't remove the pid file since rtadvd did a chroot - beurk. > ok florian@, "perfect" deraadt@ (!) (jca@) ~ rtadvd.c > pledge "stdio inet route"; ok deraadt@ (jca@) ~ advcap.c ~ config.c ~ dump.c ~ if.c ~ rtadvd.c ~ timer.c > ansify (jca@) ~ advcap.c > In case of error, also log the file name we failed to open. (jca@) tcpdump ~ smbutil.c > Cast ctype functions' argument to unsigned char. > ok guenther@ (mmcc@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
