OpenBSD src changes summary for 2016-12-13
==========================================

distrib/sets                            lib/libcrypto
lib/libssl                              regress/sys
sbin/ifconfig                           sbin/route
share/man                               sys/arch/amd64/conf
sys/dev/pci                             sys/dev/pv
sys/net                                 sys/netinet
sys/stand                               usr.sbin/dhcrelay
usr.sbin/tcpdump                        

== distrib =========================================================== 01/07 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib

sets

  ~ lists/comp/mi                         

  > sync (deraadt@)

== lib =============================================================== 02/07 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib

libcrypto

  ~ man/OCSP_SERVICELOC_new.3             

  > typo fix; ok schwarze (jmc@)

  ~ man/Makefile                          + man/PKCS7_new.3

  > Write PKCS7_new(3) manual page from scratch.  All the functions are
  > public: listed in <openssl/pkcs7.h> and OpenSSL doc/man3/X509_dup.pod.
  > Note that the OpenSSL documentation specifies the wrong header file.
  > (schwarze@)

  ~ man/PEM_write_bio_PKCS7_stream.3      ~ man/PKCS7_decrypt.3
  ~ man/PKCS7_encrypt.3                   ~ man/PKCS7_sign.3
  ~ man/PKCS7_sign_add_signer.3           ~ man/PKCS7_verify.3
  ~ man/SMIME_read_PKCS7.3                ~ man/SMIME_write_PKCS7.3
  ~ man/i2d_PKCS7_bio_stream.3            

  > tweak SEE ALSO; in particular,
  > make sure that all PKCS7 pages point to PKCS7_new(3) (schwarze@)

  ~ man/Makefile                          + man/RSA_PSS_PARAMS_new.3

  > Start RSA_PSS_PARAMS_new(3) stub from scratch.  Both functions
  > are listed in <openssl/rsa.h> and OpenSSL doc/man3/X509_dup.pod.
  > Note that the OpenSSL documentation specifies the wrong header file.
  > More could probably be said about PSS, but this is a start... (schwarze@)

libssl

  ~ s3_clnt.c                             

  > Convert ssl3_send_client_kex_ecdhe() to CBB. Also check the return value of
  > the EC_POINT_point2oct() calls.
  > Feedback from and ok doug@ (jsing@)

  ~ s3_clnt.c                             

  > Convert ssl3_send_client_kex_gost() to CBB.
  > ok doug@ (jsing@)

  ~ s3_clnt.c                             

  > Complete the CBB conversion and cleanup of send_client_key_exchange().
  > ok doug@ (jsing@)

== regress =========================================================== 03/07 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress

sys

  ~ netinet/pmtu/tcp_connect.py           ~ netinet/pmtu/tcp_connect6.py
  ~ netinet/pmtu/udp_echo6.py             

  > Print better error messages in case an expected packet is missing. (bluhm@)

== sbin ============================================================== 04/07 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin

ifconfig

  ~ ifconfig.c                            

  > make setting and getting tunnel addresses wrt to ipv6 scope handling.
  > setting a tunnel addresses uses a sockaddr_in6 from getaddrinfo, which
  > sets sin6_scope_id for scoped addresses. this is nice and portable.
  > reading a tunnel address assumed the scope was embedded in link local
  > addresses in sin6_addr, and unpacked the scope back into sin6_scope_id.
  > this is inconsistent with the code that sets tunnel addresses.
  > this fixes the read path so it assumes the kernel sets sin6_scope_id
  > like it it assumes the kernel will read on the set side. noone likes
  > the kame hack of embedding the scope id in the addreses.
  > ok mpi@ (dlg@)

route

  ~ route.c                               ~ show.c
  ~ show.h                                

  > Print the correct netmask instead of /0 when flushing routes to networks.
  > Issue reported by jsing@, ok stsp@ (mpi@)

== share ============================================================= 05/07 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share

man

  ~ man5/spamd.conf.5                     

  > In troff, a literal backslash character needs an 'e' at the end.
  > The nixspam example was missing this.  From Larry Hynes. (millert@)

  ~ man5/port-modules.5                   

  > Document MODFOO_post-extract.
  > From semarie@, ok espie@ (landry@)

  ~ man5/spamd.conf.5                     

  > one more `e' required to mark up correctly; ok millert (jmc@)

== sys =============================================================== 06/07 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys

arch/amd64/conf

  ~ GENERIC                               

  > Enable xbf(4) (mikeb@)

dev/pci

  ~ if_vio.c                              

  > Fix up tsleep priorities and make them interruptible
  > With help from and OK sf, OK mpi on the previous version. (mikeb@)

dev/pv

  ~ xbf.c                                 

  > Poll until the ITSDONE flag is set on the transfer (mikeb@)

  ~ xbf.c                                 

  > Bounce unaligned transfer data through a scratch buffer
  > Thanks to the detailed report from Nathanael Rensen, the issue
  > with unaligned transfer data became apparent: the backend expects
  > buffers be multiple of 512 bytes and to be 512 byte aligned, which
  > is not always satisfied.
  > This isn't an issue when requests are coming from the buffer cache,
  > but can happen with raw device access since physio(9) ensures the
  > former requirement is met by disallowing non-block sized reads, but
  > doesn't enforce the latter.  It remaps userland buffers into the
  > kernel virtual space which preserves the data offset within the
  > memory page and thus the original alignment.
  > Buffers with offsets under the block size can't be referenced by
  > Blkfront ring descriptors that measure data in blocks and must be
  > substituted with temporary buffers for the duration of the I/O
  > operation. (mikeb@)

  ~ if_xnf.c                              

  > Use new xs_{get,set}num functions instead of hand-rolled weirdness (mikeb@)

net

  ~ if_vxlan.c                            ~ if_gif.c
  ~ if_etherip.c                          

  > make v6 tunnel address handling consider ipv6 scope.
  > an earlier version of this diff was ok mpi@ (dlg@)

  ~ if_media.h                            

  > New media types from FreeBSD
  > No objections from deraadt@, OK dlg
  > Thanks to stsp@ who has extended ifm_media field to 64 bits. (mikeb@)

netinet

  ~ ip_mroute.c                           

  > Propagate the routing table id in ip_mrouter_set() so the MRT_ADD_VIF
  > calls won't fail anymore when doing from a different rdomain.
  > ok mpi@ (rzalamena@)

stand

  + efi/include/arm64/efibind.h           

  > Add an efibind.h for arm64.  Taken from edk2, modified to be similar
  > to our arm version.
  > ok millert@ (patrick@)

== usr.sbin ========================================================== 07/07 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin

dhcrelay

  ~ dhcrelay.8                            ~ dhcrelay.c

  > simplify previous; ok reyk (jmc@)

  ~ dhcrelay.c                            

  > Filter DHCP reply messages that were not meant for us by looking at the
  > gateway set. This happens mostly because we are watching a BPF socket.
  > Suggested by and ok jca@ (rzalamena@)

  ~ dhcrelay.c                            

  > Unbreak the insertion of Relay Agent Information on layer 3 mode when
  > using the default values: use the right address for remote-id.
  > ok reyk@ (rzalamena@)

  ~ dhcrelay.c                            

  > Unbreak the dhcrelay(8) support to run on enc(4) interfaces.
  > ok reyk@ (rzalamena@)

tcpdump

  ~ print-gre.c                           ~ print-ip6.c

  > teach tcpdump some more things about gre.
  > gre can be encapsulated in ipv6.
  > gre can encapsulate ipv6, mpls, and ethernet.
  > nvgre is based on gre, so if the header could be nvgre print the
  > vsid and flow id as well as the key.
  > ok stsp@ (dlg@)

===============================================================================
_______________________________________________
odc mailing list
[email protected]
http://www.squish.net/mailman/listinfo/odc

Reply via email to