OpenBSD src changes summary for 2016-07-21 ==========================================
sbin/dhclient sys/arch/armv7/imx sys/dev/pci sys/dev/pv sys/dev/usb sys/kern sys/netinet sys/sys usr.bin/openssl usr.bin/ssh usr.bin/tcpbench usr.sbin/bgpd usr.sbin/switchd usr.sbin/tcpdump == sbin ============================================================== 01/04 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ dhclient.c ~ dispatch.c ~ kroute.c > Use explicit idiom when testing the result of strcmp() and strncmp(). > i.e. == 0 and != 0 as appropriate. No intentional functional change. > Suggested by & ok tom@ (krw@) == sys =============================================================== 02/04 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/armv7/imx ~ if_fec.c > set and clear the 10baseT bit in statchg > ok patrick@ (jsg@) dev/pci ~ if_rtwn.c > Make rtwn(4) and urtwn(4) respect the RTS threshold set by net80211. > ok mpi@ (stsp@) dev/pv ~ hyperv.c ~ if_hvn.c > Remove a few debugging leftovers (mikeb@) dev/usb ~ if_urtwn.c > Make rtwn(4) and urtwn(4) respect the RTS threshold set by net80211. > ok mpi@ (stsp@) kern ~ uipc_socket.c TAGGED OPENBSD_5_8 > I forgot to commit the 5.8 version of the splice fix. > Reminded by Florian Riehm > backport splice loop fix: > On localhost a user program may create a socket splicing loop. > After writing data into this loop, it was spinning forever causing > a kernel hang. Detect the loop by counting how often the same mbuf > is spliced. If that happens 128 times, assume that there is a loop > and abort the splicing with ELOOP. > Bug found by tedu@; OK tedu@ millert@ benno@ (tedu@) netinet ~ tcp_output.c TAGGED OPENBSD_5_8 > I forgot to commit the 5.8 version of the splice fix. > Reminded by Florian Riehm > backport splice loop fix: > On localhost a user program may create a socket splicing loop. > After writing data into this loop, it was spinning forever causing > a kernel hang. Detect the loop by counting how often the same mbuf > is spliced. If that happens 128 times, assume that there is a loop > and abort the splicing with ELOOP. > Bug found by tedu@; OK tedu@ millert@ benno@ (tedu@) sys ~ mbuf.h TAGGED OPENBSD_5_8 > I forgot to commit the 5.8 version of the splice fix. > Reminded by Florian Riehm > backport splice loop fix: > On localhost a user program may create a socket splicing loop. > After writing data into this loop, it was spinning forever causing > a kernel hang. Detect the loop by counting how often the same mbuf > is spliced. If that happens 128 times, assume that there is a loop > and abort the splicing with ELOOP. > Bug found by tedu@; OK tedu@ millert@ benno@ (tedu@) == usr.bin =========================================================== 03/04 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin openssl ~ openssl.1 > strip back openssl crl somewhat: remove the examples > and move any relevant text into the main body; (jmc@) ~ openssl.1 > rename NOTES to COMMON SYNTAX (explains itself better); rework the > passphrase section a little; move the DER|PEM stuff in there to help > avoid text repetition, and prefer the lowercase (less keys to press); > adjust ENVIRONMENT to format a little more nicely; (jmc@) ~ openssl.1 > rework DESCRIPTION a little: no-command seems clearer than no-XXX; (jmc@) ssh ~ auth-passwd.c > Skip passwords longer than 1k in length so clients can't easily DoS sshd > by sending very long passwords, causing it to spend CPU hashing them. > feedback djm@, ok markus@. > Brought to our attention by tomas.kuthan at oracle.com, shilei-c at > 360.cn and coredump at autistici.org (dtucker@) tcpbench ~ tcpbench.1 ~ tcpbench.c > Add AF_UNIX support to tcpbench and also make it possible to randomize the > write size in the client. pledge setup can be made tighter but that will be > done in a second step. > OK benno@, henning@, markus@ and some man page input by jmc@ (claudio@) ~ tcpbench.1 > zap trailing whitespace; (jmc@) == usr.sbin ========================================================== 04/04 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin bgpd ~ session.c ~ rde.c > Remove a fatal() in peer_up when the local addrs of a peer can't be figured > out. > Instead bring the session down and wait for admin help. > OK henning@, benno@, phessler@ (claudio@) switchd ~ ofp.c ~ ofp10.c ~ ofp13.c ~ switchd.h > Turn ofp*_debug functions into ofp*_validate functions to follow a > similar approach like iked: first validate the packet, then parse it, > and execute actions. debug logging is a side effect of validation. (reyk@) ~ ofp10.c ~ switchd.h ~ packet.c > With uint32_t ports, we cannot sneak the port into an int anymore (reyk@) ~ ofp10.c > long to uint32_t port (reyk@) ~ ofp13.c > Add basic support for OpenFlow 1.3 PACKET_IN+PACKET_OUT, > no FLOW_MOD yet. (reyk@) tcpdump ~ privsep.c > 2004 privsep caused "tcpdump -r" to became a priviledged operation because > we felt chroot-containment was also necessary for off-line analysis. Today > use of pledge "stdio" for the packet parser acts as an even better sandbox. > We can therefore silently ignore chroot setup failure, and regain tcpdump > -r > support. > Result of a discussion with tedu -- which probably happened because we > became aware of the laughable retarded -Z option in upstream tcpdump. > ok tedu sthen guenther stsp (deraadt@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
