OpenBSD src changes summary for 2016-12-14 ==========================================
distrib/sets lib/libcrypto lib/libssl sys/arch/amd64/amd64 sys/arch/amd64/include sys/dev sys/dev/pv sys/net sys/netinet usr.bin/bgplg usr.bin/ssh usr.bin/tmux usr.sbin/tcpdump usr.sbin/unbound usr.sbin/vmctl usr.sbin/vmd == distrib =========================================================== 01/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib sets ~ lists/comp/mi > sync (deraadt@) == lib =============================================================== 02/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libcrypto ~ man/Makefile + man/ESS_SIGNING_CERT_new.3 + man/TS_REQ_new.3 > New manuals ESS_SIGNING_CERT_new(3) and TS_REQ_new(3) written > from scratch. All these functions are listed in <openssl/ts.h> > and in OpenSSL doc/man3/X509_dup.pod. > Note that the OpenSSL documentation specifies the wrong header file. > (schwarze@) ~ man/ESS_SIGNING_CERT_new.3 ~ man/TS_REQ_new.3 > tweak previous; (jmc@) ~ man/Makefile + man/X509_NAME_new.3 > Write X509_NAME_new(3) manual from scratch. Both functions are > listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.pod. > Note that the OpenSSL documentation specifies the wrong header file. > (schwarze@) ~ man/X509_NAME_ENTRY_get_object.3 > Document X509_NAME_ENTRY_new(3) and X509_NAME_ENTRY_free(3), > both listed in <openssl/x509.h> and in OpenSSL doc/man3/X509_dup.h. > Note that the OpenSSL documentation specifies the wrong header file. > Explain what X509_NAME_ENTRY represents. > Simplify and clarify some wording. > Sort parts of the text into a more logical order. > Delete an irrelevant cross reference and add some relevant ones. > Add a STANDARDS section. (schwarze@) ~ man/d2i_X509_NAME.3 > Complete rewrite to improve clarity. > Add some cross references and STANDARDS. (schwarze@) ~ man/OCSP_SERVICELOC_new.3 ~ man/OCSP_cert_to_id.3 ~ man/X509_NAME_add_entry_by_txt.3 ~ man/X509_NAME_get_index_by_NID.3 ~ man/X509_NAME_print_ex.3 ~ man/X509_get_subject_name.3 > Make sure all manual pages discussing X509_NAME objects > reference X509_NAME_new(3). Sparingly add a few other > references to relevant X509_NAME*(3) pages while here. (schwarze@) ~ man/x509.3 > Clarify X509_NAME stuff and cut back excessive references. > Ultimately, this page will have to be merged into X509_new(3), > but we're not quite ready for that just yet. (schwarze@) ~ man/d2i_X509_NAME.3 > Document X509_NAME_dup(3) and X509_NAME_ENTRY_dup(3) listed in > OpenSSL doc/man3/X509_dup.pod and d2i_X509_NAME_ENTRY(3) and > i2d_X509_NAME_ENTRY(3) listed in OpenSSL doc/man3/d2i_X509.pod. > Also add a RETURN VALUES section. (schwarze@) ~ man/PEM_write_bio_PKCS7_stream.3 ~ man/X509_NAME_ENTRY_get_object.3 > an Xr and new line fix; (jmc@) libssl ~ man/SSL_CTX_set_client_CA_list.3 ~ man/SSL_dup_CA_list.3 ~ man/SSL_get_client_CA_list.3 ~ man/SSL_load_client_CA_file.3 > Make sure all manual pages discussing X509_NAME objects > reference X509_NAME_new(3). Sparingly add a few other > references to relevant X509_NAME*(3) pages while here. (schwarze@) == sys =============================================================== 03/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/amd64 ~ identcpu.c > Add the TSC timecounter and use it on Skylake machines where the HPET > is too slow and the invariant TSC more accurate. > The commit includes joint work by mikeb@ kettenis@ and me; > tested for some time by a large group of volunteers. > OK mikeb@ kettenis@ (reyk@) arch/amd64/include ~ cpu.h > Add the TSC timecounter and use it on Skylake machines where the HPET > is too slow and the invariant TSC more accurate. > The commit includes joint work by mikeb@ kettenis@ and me; > tested for some time by a large group of volunteers. > OK mikeb@ kettenis@ (reyk@) dev ~ vnd.c ~ vndioctl.h > Kill compat for old VNDIOCSET; ok deraadt@ (jca@) dev/pv ~ xbf.c > Various typos and minor cleanup (mikeb@) net ~ if_media.h > fix typo (bas->base), "please commit" mikeb@ (sthen@) ~ route.c > Make 'route add default' show a nicer error message if the provided > gateway is not reachable (e.g. not on a local subnet). > ok millert@ mikeb@ mpi@ > (and shrugs by jca@) (stsp@) netinet ~ igmp.c > Set the rtableid for new mbufs when sending packets in igmp_sendpkt(). > ok mikeb@, phessler@ (rzalamena@) == usr.bin =========================================================== 04/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin bgplg ~ bgplg.8 > Some of the executables that are used by bgplg need the set-user-ID > bit, so they should be mounted on a filesystem without the nosuid > option. OpenBSD's /var/www is mounted nosuid by default and using > bgplg with the statically-linked "ping" doesn't work with nosuid. > Reported by Michael W. Lucas (mwlucas at michaelwlucas.com) > OK jmc@ jca@ (reyk@) ssh ~ serverloop.c > disable Unix-domain socket forwarding when privsep is disabled (djm@) tmux ~ cmd-swap-window.c > Fix up winlink lists after swap-window. (nicm@) == usr.sbin ========================================================== 05/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin tcpdump ~ addrtoname.c > Sync extern decl of eproto_db with what's in libpcap. > For some reason this crashes on armv7. Issue reported by Lars Nooden. > (jca@) unbound ~ services/listen_dnsport.c > Remove a resource leak by closing the socket in all error cases. > The patch was already committed upstream. > OK tb@ and sthen@. jca@ has a valid point that the error would be fatal and > most likely the socket would not leak, nevertheless > create_tcp_accept_sock() > close the socket everytime so for clarity apply the same principal here in > create_local_accept_sock() (mestre@) vmctl ~ vmctl.c > Allow to start disabled and pre-configured VMs by name, "vmctl start foo". > With testing from Jon Bernard > OK mlarkin@ (reyk@) vmd ~ config.c ~ vmd.c ~ vmd.h > If a VM terminates with the result EAGAIN, close all fds except the > pty and re-send it to the vmm monitor process. With additional > changes in vmm.c, this will allow perform a cold reboot of VM. > With testing and feedback from Jon Bernard > OK mlarkin@ (reyk@) ~ vmm.c > Allow a guest to reboot by reinitializing its state and booting again. > This is technically a reset since memory is cleared and the dmesg > buffer is lost. > Patch from Jon Bernard (jbernard at jbernard.io) - Thanks > OK reyk@ mlarkin@ (reyk@) ~ parse.y ~ vmd.c ~ vmd.h > Allow to start disabled and pre-configured VMs by name, "vmctl start foo". > With testing from Jon Bernard > OK mlarkin@ (reyk@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
