OpenBSD src changes summary for 2016-07-13 ==========================================
lib/libtls libexec/spamd regress/lib sbin/route share/man sys/arch/amd64/amd64 sys/arch/amd64/conf sys/arch/arm/include sys/arch/arm/mainbus sys/arch/arm/simplebus sys/arch/armv7/imx sys/dev/ic sys/dev/pv sys/dev/wscons sys/net sys/netinet sys/netinet6 sys/uvm usr.bin/calendar usr.bin/ftp usr.bin/nc usr.bin/netstat usr.bin/sendbug usr.sbin/bgpd usr.sbin/httpd usr.sbin/ldapd usr.sbin/ntpd usr.sbin/route6d usr.sbin/syslogd == lib =============================================================== 01/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libtls ~ tls_config.c ~ tls_init.3 ~ tls_internal.h > Split the existing TLS cipher suite groups into four: > "secure" (TLSv1.2+AEAD+PFS) > "compat" (HIGH:!aNULL) > "legacy" (HIGH:MEDIUM:!aNULL) > "insecure" (ALL:!aNULL:!eNULL) > This allows for flexibility and finer grained control, rather than having > two extremes (an issue raised by Marko Kreen some time ago). > ok beck@ tedu@ (jsing@) == libexec =========================================================== 02/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/libexec spamd ~ spamd.c > Adjust existing tls_config_set_cipher() callers for TLS cipher group > changes - map the previous configuration to the equivalent in the new > groups. This will be revisited post release. > Discussed with beck@ (jsing@) == regress =========================================================== 03/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib ~ libc/regex/main.c > Fix usage() output and getopt sorting (guenther@) == sbin ============================================================== 04/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin route ~ show.c > Introduce RTF_MULTICAST and flag corresponding IPv6 routes as such > instead of abusing RTF_CLONING. > Fix a leak reporeted by Aaron Riekenberg on misc@, ok sthen@ (mpi@) == share ============================================================= 05/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man4/route.4 > Introduce RTF_MULTICAST and flag corresponding IPv6 routes as such > instead of abusing RTF_CLONING. > Fix a leak reporeted by Aaron Riekenberg on misc@, ok sthen@ (mpi@) == sys =============================================================== 06/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/amd64 ~ vmm.c > CPUID vendor ID was already register-swapped during initial query, so no > need to do it again. (mlarkin@) arch/amd64/conf ~ GENERIC > A work-in-progress driver for the Hyper-V NetVSC > Network VSC is an RNDIS device using NVSP protocol to communicate > with the Hyper-V VMBus via VMBus channels and/or shared memory. The > code was ported from FreeBSD with some API changes and simplifications. > While the Rx path is nearly complete, packet transmition is not > implemented yet. > ok deraadt, mlarkin (mikeb@) arch/arm/include ~ fdt.h > The "#address-cells" and "#size-cells" properties define the size > of the memory address and length information. The root node passes > this information down to the children and it can be overwritten by > other nodes inbetween. Pass these properties as part of the fdt > attach args, so that we can grab that information quickly inside > the drivers. > ok kettenis@ (patrick@) arch/arm/mainbus ~ mainbus.c > The "#address-cells" and "#size-cells" properties define the size > of the memory address and length information. The root node passes > this information down to the children and it can be overwritten by > other nodes inbetween. Pass these properties as part of the fdt > attach args, so that we can grab that information quickly inside > the drivers. > ok kettenis@ (patrick@) arch/arm/simplebus ~ simplebus.c > The "#address-cells" and "#size-cells" properties define the size > of the memory address and length information. The root node passes > this information down to the children and it can be overwritten by > other nodes inbetween. Pass these properties as part of the fdt > attach args, so that we can grab that information quickly inside > the drivers. > ok kettenis@ (patrick@) arch/armv7/imx ~ imxehci.c > Use the device tree voltage regulator information to supply power to the > USB > bus. For this only supports "fixed" regulators that are controlled through > a > gpio. But this covers all the case we currently handle with board ID > specific > code. Note that the old code did explicitly remove power first on some > boards, > which would reset bus-powered devices/hubs on the bus. The new code > doesn't do > this. If that causes problems we can revisit the issue. The boards that > would > be affected are sabrelight/nitrogen6x and utilite. > The plan is to evolve this into a generic regulator framework that supports > more complex regulator types as well. > ok jsg@, patrick@ (kettenis@) dev/ic ~ smc91cxx.c > remove unused function ether_cmp() > from tom (deraadt@) dev/pv ~ files.pv + if_hvn.c + if_hvnreg.h + rndisreg.h > A work-in-progress driver for the Hyper-V NetVSC > Network VSC is an RNDIS device using NVSP protocol to communicate > with the Hyper-V VMBus via VMBus channels and/or shared memory. The > code was ported from FreeBSD with some API changes and simplifications. > While the Rx path is nearly complete, packet transmition is not > implemented yet. > ok deraadt, mlarkin (mikeb@) dev/wscons ~ wsmouse.c > remove <0 check for an unsigned variable > from tom (deraadt@) net ~ route.h > Introduce RTF_MULTICAST and flag corresponding IPv6 routes as such > instead of abusing RTF_CLONING. > Fix a leak reporeted by Aaron Riekenberg on misc@, ok sthen@ (mpi@) ~ if.c ~ netisr.h > Move ARP processing back to the KERNEL_LOCK()ed task until the race > triggered by updating a cached, but removed from the table, entry is > properly fixed. > Diff from dlg@, prodding deraadt@ (mpi@) netinet ~ if_ether.c > Introduce RTF_MULTICAST and flag corresponding IPv6 routes as such > instead of abusing RTF_CLONING. > Fix a leak reporeted by Aaron Riekenberg on misc@, ok sthen@ (mpi@) ~ if_ether.c > Move ARP processing back to the KERNEL_LOCK()ed task until the race > triggered by updating a cached, but removed from the table, entry is > properly fixed. > Diff from dlg@, prodding deraadt@ (mpi@) netinet6 ~ nd6.c ~ nd6.h > store nd6 expiries in the route, not separately in the llinfo struct. > this makes it more consistent with arp, and makes expiries visible > via route(8) get as well as ndp(8). > ok mpi@ florian@ (dlg@) ~ in6.c ~ nd6.c > Introduce RTF_MULTICAST and flag corresponding IPv6 routes as such > instead of abusing RTF_CLONING. > Fix a leak reporeted by Aaron Riekenberg on misc@, ok sthen@ (mpi@) uvm ~ uvm_mmap.c > Since mappings established using __MAP_NOFAIL will be converted into > anonymous > memory if the file backing the mapping is truncated, we should check > resource > limits. This prevents callers from triggering a kernel panic and a > potential > integer overflow in the amap code by forcing the allocation of too many > slots. > Based on an analysis from Jesse Hertz and Tim Newsham. > ok deraadt@ (kettenis@) ~ uvm_mmap.c > Revert previous; the __MAP_NOFAULT test is inverted and the commit message > is > wrong. (kettenis@) ~ uvm_mmap.c > Since mappings established using __MAP_NOFAULT will be converted into > anonymous > memory if the file backing the mapping is truncated, we should check > resource > limits. This prevents callers from triggering a kernel panic and a > potential > integer overflow in the amap code by forcing the allocation of too many > slots. > Based on an analysis from Jesse Hertz and Tim Newsham. > ok deraadt@ (kettenis@) == usr.bin =========================================================== 07/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin calendar ~ day.c > When matching a day in the month, make sure that the date is still > in the month we are interested in after calling mktime(3). This > fixes things like Sunday+5 for months where there is not a 5th > Sunday and the 31st day in months with less than 31 days. > From Andy Bradford (millert@) ftp ~ main.c > Adjust existing tls_config_set_cipher() callers for TLS cipher group > changes - map the previous configuration to the equivalent in the new > groups. This will be revisited post release. > Discussed with beck@ (jsing@) nc ~ netcat.c > Adjust existing tls_config_set_cipher() callers for TLS cipher group > changes - map the previous configuration to the equivalent in the new > groups. This will be revisited post release. > Discussed with beck@ (jsing@) netstat ~ show.c ~ netstat.1 > Introduce RTF_MULTICAST and flag corresponding IPv6 routes as such > instead of abusing RTF_CLONING. > Fix a leak reporeted by Aaron Riekenberg on misc@, ok sthen@ (mpi@) sendbug ~ sendbug.1 > ross l richardson reports that an auto reply is no longer generated > on submission, so remove that sentence (correct me if this is wrong); > while here replace some mandoc chars; (jmc@) == usr.sbin ========================================================== 08/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin bgpd ~ printconf.c > output the no-longer-so-new AS operators when printing the > configuration > noticed by and diff from Denis Fondras, thanks! > ok phessler@ sthen@ (benno@) httpd ~ httpd.h > Adjust existing tls_config_set_cipher() callers for TLS cipher group > changes - map the previous configuration to the equivalent in the new > groups. This will be revisited post release. > Discussed with beck@ (jsing@) ldapd ~ parse.y > Adjust existing tls_config_set_cipher() callers for TLS cipher group > changes - map the previous configuration to the equivalent in the new > groups. This will be revisited post release. > Discussed with beck@ (jsing@) ntpd ~ constraint.c > Adjust existing tls_config_set_cipher() callers for TLS cipher group > changes - map the previous configuration to the equivalent in the new > groups. This will be revisited post release. > Discussed with beck@ (jsing@) route6d ~ route6d.c > Introduce RTF_MULTICAST and flag corresponding IPv6 routes as such > instead of abusing RTF_CLONING. > Fix a leak reporeted by Aaron Riekenberg on misc@, ok sthen@ (mpi@) syslogd ~ syslogd.c > Adjust existing tls_config_set_cipher() callers for TLS cipher group > changes - map the previous configuration to the equivalent in the new > groups. This will be revisited post release. > Discussed with beck@ (jsing@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
