OpenBSD src changes summary for 2016-11-02 ==========================================
distrib/sets lib/libcrypto lib/libssl lib/libtls sys/arch/octeon/dev sys/arch/octeon/stand/boot sys/dev/pv sys/kern sys/sys usr.bin/nc usr.bin/tmux usr.sbin/acme-client usr.sbin/syspatch == distrib =========================================================== 01/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib sets ~ lists/base/mi > sync (sthen@) == lib =============================================================== 02/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libcrypto - doc/DES_set_key.pod - doc/DH_generate_key.pod - doc/DH_generate_parameters.pod - doc/DH_get_ex_new_index.pod - doc/DH_new.pod - doc/DH_set_method.pod - doc/DH_size.pod ~ man/Makefile + man/DES_set_key.3 + man/DH_generate_key.3 + man/DH_generate_parameters.3 + man/DH_get_ex_new_index.3 + man/DH_new.3 + man/DH_set_method.3 + man/DH_size.3 > convert DES and DH manuals from pod to mdoc (schwarze@) - doc/DSA_SIG_new.pod - doc/DSA_do_sign.pod - doc/DSA_dup_DH.pod - doc/DSA_generate_key.pod - doc/DSA_generate_parameters.pod - doc/DSA_get_ex_new_index.pod - doc/DSA_new.pod - doc/DSA_set_method.pod - doc/DSA_sign.pod - doc/DSA_size.pod - doc/EC_GFp_simple_method.pod - doc/EC_GROUP_copy.pod - doc/EC_GROUP_new.pod - doc/EC_KEY_new.pod - doc/EC_POINT_add.pod - doc/EC_POINT_new.pod ~ man/Makefile + man/DSA_SIG_new.3 + man/DSA_do_sign.3 + man/DSA_dup_DH.3 + man/DSA_generate_key.3 + man/DSA_generate_parameters.3 + man/DSA_get_ex_new_index.3 + man/DSA_new.3 + man/DSA_set_method.3 + man/DSA_sign.3 + man/DSA_size.3 + man/EC_GFp_simple_method.3 + man/EC_GROUP_copy.3 + man/EC_GROUP_new.3 + man/EC_KEY_new.3 + man/EC_POINT_add.3 + man/EC_POINT_new.3 > convert DSA and EC manuals from pod to mdoc (schwarze@) - doc/ERR.pod - doc/ERR_GET_LIB.pod - doc/ERR_clear_error.pod - doc/ERR_error_string.pod - doc/ERR_get_error.pod - doc/ERR_load_crypto_strings.pod - doc/ERR_load_strings.pod - doc/ERR_print_errors.pod - doc/ERR_put_error.pod - doc/ERR_remove_state.pod - doc/ERR_set_mark.pod ~ man/Makefile + man/ERR.3 + man/ERR_GET_LIB.3 + man/ERR_clear_error.3 + man/ERR_error_string.3 + man/ERR_get_error.3 + man/ERR_load_crypto_strings.3 + man/ERR_load_strings.3 + man/ERR_print_errors.3 + man/ERR_put_error.3 + man/ERR_remove_state.3 + man/ERR_set_mark.3 > convert ERR manuals from pod to mdoc; while reading this, > i wtfed, laughed, puked, and cried in more or less that order... > (schwarze@) libssl ~ ssl_sess.c > Wrap some >80 char lines. (jsing@) ~ ssl_lib.c > Expand IMPLEMENT_LHASH_COMP_FN/IMPLEMENT_LHASH_HASH_FN macros - the only > change to generated assembly results from a difference in line numbers. > (jsing@) ~ ssl.h > Expand DECLARE_PEM_rw macro. (jsing@) ~ ssl.h > Expand DECLARE_LHASH_OF and LHASH_OF macros. (jsing@) ~ ssl.h > Expand another LHASH_OF macro. (jsing@) ~ ssl_lib.c ~ ssl_sess.c > Expand LHASH_OF, IMPLEMENT_LHASH_DOALL_ARG_FN and LHASH_DOALL_ARG_FN > macros. Only change in generated assembly is due to line numbering. > (jsing@) libtls ~ Makefile ~ tls.c ~ tls.h ~ tls_client.c ~ tls_init.3 ~ tls_internal.h + tls_ocsp.c > Add OCSP client side support to libtls. > - Provide access to certificate OCSP URL > - Provide ability to check a raw OCSP reply against an > established TLS ctx > - Check and validate OCSP stapling info in the TLS handshake > if a stapled OCSP response is provided.` > Add example code to show OCSP URL and stapled info > into netcat. > ok jsing@ (beck@) ~ shlib_version > bump minor for ocsp api additions (beck@) ~ tls_init.3 > tweak previous; (jmc@) ~ tls_ocsp.c > Ensure handshake is complete before processing an ocsp response for a ctx > ok jsing@ (beck@) ~ tls_ocsp.c > fix shadow declaration of time in parameter list. > ok jsing@ (beck@) ~ tls_init.3 > bit more cleanup; (jmc@) == sys =============================================================== 03/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/octeon/dev ~ if_cnmac.c > Make possible to change the link layer address of a cnmac(4) interface. > Asked by and ok stsp@, ok jasper@ (visa@) arch/octeon/stand/boot ~ Makefile > when CONSPEED moved from libsa.h to Makefile it lost a leading '1', > reinstate the original of 115200 > spotted by brad (jasper@) dev/pv ~ hyperv.c > Fixup a wait channel used during VMBus channel discovery > Clang static analyser has found that a tsleep was using an uninitialised > pointer value as a wait channel. An associated wakeup wasn't doing the > right thing either. (mikeb@) ~ hyperv.c > Inline the macro that is used only once (mikeb@) ~ hypervreg.h > Add Windows 10 VMBus protocol version (mikeb@) kern ~ subr_pool.c > add per cpu caches for free pool items. > this is modelled on whats described in the "Magazines and Vmem: > Extending the Slab Allocator to Many CPUs and Arbitrary Resources" > paper by Jeff Bonwick and Jonathan Adams. > the main semantic borrowed from the paper is the use of two lists > of free pool items on each cpu, and only moving one of the lists > in and out of a global depot of free lists to mitigate against a > cpu thrashing against that global depot. > unlike slabs, pools do not maintain or cache constructed items, > which allows us to use the items themselves to build the free list > rather than having to allocate arrays to point at constructed pool > items. > the per cpu caches are build on top of the cpumem api. > this has been kicked a bit by hrvoje popovski and simon mages (thank you). > im putting it in now so it is easier to work on and test. > ok jmatthew@ (dlg@) ~ subr_pool.c > use a TAILQ to maintain the list of item lists used by the percpu code. > it makes it more readable, and fixes a bug in pool_list_put where it > was returning the next item in the current list rather than the next > list to be freed. (dlg@) ~ subr_pool.c > add poisoning of items on the per cpu caches. > it copies the existing pool code, except it works on pool_list > structures instead of pool_item structures. > after this id like to poison the words used by the TAILQ_ENTRY in > the pool_list struct that arent used until a list of items is moved > into the global depot. (dlg@) ~ subr_pool.c > poison the TAILQ_ENTRY in items in the per cpu pool cache. (dlg@) sys ~ pool.h > add per cpu caches for free pool items. > this is modelled on whats described in the "Magazines and Vmem: > Extending the Slab Allocator to Many CPUs and Arbitrary Resources" > paper by Jeff Bonwick and Jonathan Adams. > the main semantic borrowed from the paper is the use of two lists > of free pool items on each cpu, and only moving one of the lists > in and out of a global depot of free lists to mitigate against a > cpu thrashing against that global depot. > unlike slabs, pools do not maintain or cache constructed items, > which allows us to use the items themselves to build the free list > rather than having to allocate arrays to point at constructed pool > items. > the per cpu caches are build on top of the cpumem api. > this has been kicked a bit by hrvoje popovski and simon mages (thank you). > im putting it in now so it is easier to work on and test. > ok jmatthew@ (dlg@) ~ pool.h > use a TAILQ to maintain the list of item lists used by the percpu code. > it makes it more readable, and fixes a bug in pool_list_put where it > was returning the next item in the current list rather than the next > list to be freed. (dlg@) ~ pool.h > poison the TAILQ_ENTRY in items in the per cpu pool cache. (dlg@) == usr.bin =========================================================== 04/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin nc ~ netcat.c > Add OCSP client side support to libtls. > - Provide access to certificate OCSP URL > - Provide ability to check a raw OCSP reply against an > established TLS ctx > - Check and validate OCSP stapling info in the TLS handshake > if a stapled OCSP response is provided.` > Add example code to show OCSP URL and stapled info > into netcat. > ok jsing@ (beck@) tmux ~ cmd.c > Make an empty state on error rather than leaving something partially > created (which now is now a fatal() later). (nicm@) == usr.sbin ========================================================== 05/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin acme-client ~ http.c > Use secure defaults for TLS - instead of accepting TLSv1.0 and any cipher > suite, use the libtls defaults and require TLSv1.2 with an AEAD+PFS cipher > suite - given who we're talking to one would hope that they meet these > requirements... > ok benno@ deraadt@ florian@ (jsing@) syspatch ~ syspatch.sh > Be verbose when reverting a patch. > committing now to please espie@ (ajacoutot@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
