OpenBSD src changes summary for 2015-11-15 ==========================================
distrib/sets distrib/special games/fortune gnu/usr.bin/binutils gnu/usr.bin/binutils-2.17 lib/libc lib/libcrypto lib/libmenu lib/libpcap lib/libssl libexec/ld.so sbin/fdisk share/man sys/arch/macppc/macppc sys/arch/socppc/socppc sys/dev/pci sys/dev/usb sys/net sys/net80211 usr.bin/bc usr.bin/file usr.bin/less usr.bin/locate usr.bin/make usr.bin/rdistd usr.bin/ssh usr.bin/tmux usr.bin/tset usr.bin/vi usr.sbin/cron usr.sbin/tcpdump usr.sbin/user usr.sbin/ypldap == distrib =========================================================== 01/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib sets ~ lists/base/md.alpha ~ lists/base/md.amd64 ~ lists/base/md.armish ~ lists/base/md.armv7 ~ lists/base/md.aviion ~ lists/base/md.hppa ~ lists/base/md.hppa64 ~ lists/base/md.i386 ~ lists/base/md.landisk ~ lists/base/md.loongson ~ lists/base/md.luna88k ~ lists/base/md.macppc ~ lists/base/md.octeon ~ lists/base/md.sgi ~ lists/base/md.socppc ~ lists/base/md.sparc ~ lists/base/md.sparc64 ~ lists/base/md.vax ~ lists/base/md.zaurus ~ lists/comp/mi ~ lists/man/mi > sync (deraadt@) special ~ more/Makefile ~ more/curses.h ~ more/more.c ~ more/termcap.c ~ more/tgoto.c ~ more/tputs.c > KNF, de-register, fix other minor grumbles (deraadt@) == games ============================================================= 02/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/games fortune ~ datfiles/fortunes > fix a double space issue in the following, rather wonderful, fortune: > On two occasions I have been asked [by members of Parliament!], `Pray, > Mr. Babbage, if you put into the machine wrong figures, will the right > answers come out?' I am not able rightly to apprehend the kind of > confusion of ideas that could provoke such a question. > -- Charles Babbage (jmc@) == gnu =============================================================== 03/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu usr.bin/binutils ~ binutils/rename.c > Same as in binutils-2.17, only restore regular permission bits. > But don't restore ownership/setuid/etc bits. ok deraadt@ (jca@) usr.bin/binutils-2.17 ~ binutils/rename.c > Using #ifndef __OpenBSD__, disable the really dangerous and silly > setuid-preserving code in the so-called smart_rename() function. I > don't want my tools (ar, ranlib, objcopy, strip) going through the > effort to preserve setuid bits on ``build-directory'' files when they > sense a symbolic link, thank you very much. The modern way is to build > code, then set such modes at install-time. > Our kernel goes through the effort to clear setuid flags, and this was > neutering that attempt. Also has atrocious error handling. > (Identified as an issue of concern while doing the audit for pledge) > ok guenther (deraadt@) ~ binutils/ar.c ~ binutils/objcopy.c > In most cases binutils strips off setuid/setgid bits when creating copies > of files. In two cases however they were not being masked. These are > build > tools -- therefore they should not encourage further propogation of such > unsafe bits. > ok guenther (deraadt@) ~ binutils/ar.c ~ binutils/objcopy.c > Now that the (setuid bit related) bad-practice audit and repair is > complete, > ar/ranlib and objcopy/strip can pledge "stdio rpath wpath cpath fattr" > ok guenther (deraadt@) ~ binutils/rename.c > In smart_rename, restore at least the regular permissions bits. > But don't try to chown or set special bits. This fixes several ports. > ok deraadt@ (jca@) == lib =============================================================== 04/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libc ~ arch/sparc64/fpu/fpu_implode.c > I got a round tuit to rename round() to roundit() to avoid gcc warning. > ok deraadt@ (guenther@) ~ Symbols.list > _towctrans_ext and _wctrans_init are now hidden; so drop them from the list > (guenther@) ~ arch/sparc64/fpu/fpu_implode.c > Tweak previous: rename it to fpround() to match FreeBSD > requested by kettenis@ (guenther@) libcrypto ~ man/des_read_pw.3 > ui_new -> UI_new; (jmc@) libmenu ~ menu_attributes.3 ~ menu_cursor.3 ~ menu_format.3 ~ menu_hook.3 ~ menu_items.3 ~ menu_mark.3 ~ menu_new.3 ~ menu_opts.3 ~ menu_pattern.3 ~ menu_post.3 ~ menu_requestname.3 ~ menu_spacing.3 ~ menu_userptr.3 ~ menu_win.3 > update NAME; ok nicm schwarze (jmc@) libpcap ~ pcap.3 > update NAME; ok schwarze (jmc@) libssl ~ src/doc/ssl/SSL_CTX_sessions.3 > fix references to lhash(3); (jmc@) == libexec =========================================================== 05/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/libexec ld.so ~ ldconfig/ldconfig.c > pledge "stdio rpath wpath cpath tmppath fattr" > ok guenther (deraadt@) ~ loader.c ~ alpha/ldasm.S ~ alpha/syscall.h ~ amd64/ldasm.S ~ amd64/syscall.h ~ arm/ldasm.S ~ arm/syscall.h ~ hppa/ldasm.S ~ hppa/syscall.h ~ i386/ldasm.S ~ i386/syscall.h ~ m88k/ldasm.S ~ m88k/syscall.h ~ mips64/ldasm.S ~ mips64/syscall.h ~ powerpc/ldasm.S ~ powerpc/syscall.h ~ sh/ldasm.S ~ sh/syscall.h ~ sparc/ldasm.S ~ sparc/syscall.h ~ sparc64/ldasm.S ~ sparc64/syscall.h > ldd(1) sets environment variable LD_TRACE_LOADED_OBJECTS to tell ld.so > that it should show information about the program it loads, rather than > run it. In that specific case, ld.so can pledge to "stdio rpath" to > ensure that code path in ld.so has no bugs. > Yes, a pledge in ld.so.... who'd have thought! > ok guenther (deraadt@) == sbin ============================================================== 06/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin fdisk ~ fdisk.c ~ gpt.c ~ gpt.h > Move zapping of invalid GPT data into GPT_get_gpt() rather than > returning a value to tell callers to zap it. Use consistant idiom > to check for the presence of a GPT (check gh.gh_sig). When zapping > GPT, always zap both the header and partition table just for > paranoia's sake. (krw@) == share ============================================================= 07/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man9/VOP_LOOKUP.9 > word fix; (jmc@) ~ man9/Makefile > remove entries for SRPL_HEAD_INIT (listed twice!) and SRPL_ENTRY_INIT, > neither of which appear to exist; (jmc@) ~ man9/Makefile > remove mlink for non-existent ieee80211_compute_duration; (jmc@) == sys =============================================================== 08/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/macppc/macppc ~ locore.S > Make sure every mtmsr instruction disabling external interrupts is > immediately > followed by an isync. > ok mpi@ (miod@) ~ ofwreal.S > everyting -> everything (miod@) arch/socppc/socppc ~ locore.S > Make sure every mtmsr instruction disabling external interrupts is > immediately > followed by an isync. > ok mpi@ (miod@) dev/pci ~ if_iwmreg.h > Declare macros for antenna flags. Lifted from Linux iwlwifi. (stsp@) ~ virtio_pci.c > virtio2 at pci0 dev 3 function 0 "Qumranet Virtio Network" rev 0x00: Virtio > Network Device > becomes simply > virtio2 at pci0 dev 3 function 0 "Qumranet Virtio Network" rev 0x00 > (deraadt@) dev/usb ~ if_rsu.c > Declare 802.11n mode and channel flags. Tweak 11n related fields in struct > ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking > the build in rsu(4) for RAMDISK_CD. > Also declare 11n protection modes and MCS count. > ok deraadt mpi kettenis guenther (stsp@) net ~ if_media.h > Add ifmedia definitions for 802.11n. > ok deraadt mpi phessler kettenis guenther (stsp@) net80211 ~ ieee80211.c ~ ieee80211.h ~ ieee80211_ioctl.h ~ ieee80211_output.c ~ ieee80211_radiotap.h ~ ieee80211_var.h > Declare 802.11n mode and channel flags. Tweak 11n related fields in struct > ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking > the build in rsu(4) for RAMDISK_CD. > Also declare 11n protection modes and MCS count. > ok deraadt mpi kettenis guenther (stsp@) ~ ieee80211_crypto_ccmp.c > Fix CCMP (WPA2) in preparation for 11n. This code didn't handle QoS > frames correctly but QoS frames are required for 11n A-MPDU aggregation > and 11n STAs are required to use CCMP instead of WEP or TKIP ciphers. > The QoS bit in FC0 is part of AAD (additional authentication data) but > was being masked unconditionally. > The FC1 order bit is masked to 0 in AAD if a data frame contains a QoS > control field but this code was looking for HT control fields instead. > Add an XXX comment about another bit which must be set if SPP (signaling > and payload protected) A-MSDUs are supported. Neither Linux nor FreeBSD > seem to set this bit, and we don't support SPP A-MSDUs yet so a comment > seems good enough for now. > ok deraadt mpi kettenis guenther > helpful hints from mikeb (stsp@) ~ ieee80211_input.c ~ ieee80211_node.c ~ ieee80211_node.h > Extend struct ieee80211_node with fields for 11n STA HT capabilities and > HT operational information sent by 11n APs. These fields reflect the > structure > of elements in management frames so that IEEE80211_HTCAP* and > IEEE80211_HTOP* > macros designed to operate on frame elements can be used directly to read > or set the fields. > Populate nodes with HT information received in probe responses, probe > requests, and association requests. > ok deraadt mpi phessler kettenis guenther (stsp@) ~ ieee80211.c > IEEE80211_MODE_MAX has been raised to include 11n mode so make sure that > ieee80211_media_init doesn't index its rates array beyond turbo mode. > (stsp@) ~ ieee80211_input.c ~ ieee80211_node.c ~ ieee80211_proto.c ~ ieee80211_proto.h > Parse 11n HT capabilities and operational info from association response > frames, negotiate HT with the AP, and move the interface into or out of > 11n mode accordingly. If running as AP negotiate HT with nodes joining the > BSS. > ok deraadt mpi kettenis guenther (stsp@) ~ ieee80211.c ~ ieee80211_node.h ~ ieee80211_proto.c ~ ieee80211_var.h > Expose 11n mode to the ifmedia layer and introduce the concept of MCS. > Make sure 11n features are enabled only if media type is autoselect or 11n. > 11n mode uses MCS (modulation & coding scheme) instead of rates like > 11a/b/g. > This means we'll have to take the current mode into account and decide > whether > to use a rate or an MCS for transmission. Receiving frames on legacy rates > will still work in 11n mode. We just won't be using legacy rates to send > data frames to an STA or AP we negotiated 11n features with. > My initial plan was to grow the ieee80211_rateset structure and treat MCS > just like rates. However, ieee80211_rateset corresponds to rates and xrates > elements in management frames and is copied directly into such elements > so its size cannot change. Thus, MCS stands on its own and corresponds to > elements in management frames related to 11n HT capabilities. > ok deraadt mpi phessler kettenis guenther (stsp@) ~ ieee80211_amrr.c > Add support for 11n mode to the rate adaptation (AMRR) code. > Currently limited to MCS 0-7. For now, drivers must not configure 11n > hardware to use MCS other than MCS 0-7, which limits us to 65Mbit/s. > MCS 8 and above use MIMO and will require more work in AMRR once we get > there. > ok deraadt mpi phessler kettenis guenther (stsp@) == usr.bin =========================================================== 09/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin bc ~ bc.1 > '.Ql Quit' -> '.Ql quit' because only the lowercase command is valid. > (mmcc@) file ~ magic-load.c > When validating a char by calling strchr() with a string of allowed chars, > check for '\0' first, because strchr() would return non-NULL. > ok nicm (tobias@) less ~ less.1 > The compile-time secure mode has gone, from Michael Reed. (nicm@) locate ~ code/locate.code.c > pretty simple. pledge "stdio rpath" at startup, and pledge "stdio" after > opening the database. (deraadt@) ~ bigram/locate.bigram.c ~ locate/locate.c > very simple pledges, stdio and rpath, very boring (deraadt@) make ~ regress.c > exit needs stdlib, switch to "return 0" to fix. > ok espie (daniel@) ~ main.c ~ varmodifiers.c > unifdef MAKE_BOOTSTRAP now that Makefile.boot is gone. > ok espie@ (daniel@) rdistd ~ server.c > Switch to linkat() to support hardlinked symlinks > Simplify chown logic by using fchownat() > Cache whether we're root instead of calling getuid() before each chown > (guenther@) ssh ~ readconf.c ~ readconf.h ~ ssh-agent.1 ~ ssh.1 ~ ssh_config.5 ~ sshconnect.c ~ sshconnect.h ~ sshconnect1.c ~ sshconnect2.c > Add an AddKeysToAgent client option which can be set to 'yes', 'no', > 'ask', or 'confirm', and defaults to 'no'. When enabled, a private > key that is used during authentication will be added to ssh-agent if > it is running (with confirmation enabled if set to 'confirm'). > Initial version from Joachim Schipper many years ago. > ok markus@ (jcs@) ~ ssh-agent.1 > do not confuse mandoc by presenting "Dd"; (jmc@) ~ ssh_config.5 > correct section number for ssh-agent; (jmc@) tmux ~ client.c ~ server.c ~ tmux.c > Accidentally turned off pledge, turn it back on. (nicm@) ~ tmux.h > Make key_code unsigned long long not uint64_t which is more portable for > printf formats, and move UTF8_SIZE define down to near the rest of the > UTF-8 bits. (nicm@) tset ~ tset.c > Simplify TIOCGWINSZ codeblock by removing support for SCO Unix. (deraadt@) vi ~ common/main.c > Basic pledge for vi. > ok deraadt@ (bentley@) ~ common/main.c > Vi needs flock, for those who haven't set nolock in .exrc for years... > Pointed out by Theo Buehler. (bentley@) == usr.sbin ========================================================== 10/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin cron ~ atrun.c ~ cron.c ~ do_command.c ~ popen.c ~ user.c > Clean up the remaining uses of stderr and perror() and use warn/err > and/or syslog depending on whether stderr is hooked up at the time. > Also remove closelog() which is not needed since we are headed for exec. > OK guenther@ (millert@) tcpdump ~ gmt2local.c ~ interface.h ~ nameser.h ~ parsenfsfh.c ~ print-arp.c ~ print-atalk.c ~ print-bootp.c ~ print-carp.c ~ print-cnfp.c > Remove more register keywords. > ok daniel@, discussed on hackers@ (mmcc@) user ~ user.c > Really silly to chmod "st_mode & 07777" when making a copy of the > group file, like entirely missing the point. > ok jca (deraadt@) ~ main.c > pledge "stdio rpath wpath cpath fattr getpw flock id proc exec" at the > top. It is a lot, maybe someone will take the time to find smaller > chunks later in the program. > tested by jca (deraadt@) ypldap ~ ypldap_dns.c ~ ldapclient.c ~ ypldap.c > pledge for ypldap is easy because it's purely a network program. > One process talks to yp clients, one talks to ldap servers, one does dns. > ok deraadt@ (jmatthew@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
