OpenBSD src changes summary for 2016-12-24 ==========================================
distrib/sets lib/csu lib/libcrypto sys/arch/amd64/stand/efiboot sys/arch/amd64/stand/libsa sys/arch/arm/cortex sys/arch/arm64/dev sys/arch/armv7/sunxi sys/dev sys/dev/pci sys/netinet usr.bin/ftp usr.sbin/ospf6d == distrib =========================================================== 01/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib sets ~ lists/comp/mi > sync (deraadt@) == lib =============================================================== 02/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib csu ~ boot.h > Remove code that reprotects the GOT based on the __got_start and __got_end > symbols. Either the PT_LOAD RWX->RX case ot PT_GNU_RELRO should cover this > already for anything we care about. And lld, the llvm linker, doesn't emit > the __got_start and __got_end symbols and there are good reasons to leave > it > that way. > ok guenther@ (kettenis@) ~ boot.h > Replace return by break; requested by guenther@ (kettenis@) libcrypto ~ man/Makefile + man/SXNET_new.3 > Write new SXNET_new(3) manual page from scratch. All four functions > are listed in <openssl/x509v3.h> and in OpenSSL doc/man3/X509_dup.pod. > OpenSSL documentation specifies the wrong header file. > I consider the quotation from > http://www-03.ibm.com/security/library/wp_pki0730.shtml > fair use because > (1) it is a very brief extract from a long text, > (2) no other source of information is available, > (3) it is quoted for the purpose of education and research, > (4) republishing happens in a not-for-profit context. > I'm not including the URI into the manual page because large corporate > websites are notorious for changing URIs during each spring cleaning. > (schwarze@) ~ man/OCSP_REQUEST_new.3 ~ man/TS_REQ_new.3 ~ man/X509_CRL_new.3 ~ man/X509_EXTENSION_set_object.3 ~ man/X509_NAME_new.3 ~ man/X509_new.3 > sprinkle some cross references to newly written x509v3 manual pages > (schwarze@) ~ man/PKEY_USAGE_PERIOD_new.3 > minor fixes; (jmc@) ~ man/Makefile + man/ASN1_item_d2i.3 + man/ASN1_item_new.3 > Very carefully tweak OpenSSL doc/man3/d2i_X509.pod and create a new > ASN1_item_d2i(3) manual page from it. Enough text remains to keep > Stephen Henson's Copyright. > The eight functions documented in this new page are listed in > <openssl/asn1.h> and in Symbols.list, so they are public even though > OpenSSL does not document them. They are very important because > hundreds of documented, much-used public interface functions are > trivial wrappers around them, sharing their complicated semantics > and their copious CAVEATS and BUGS. > The plan is for the many pages documenting the wrappers to become > very concise, to focus on the few type-dependent specifics, and to > point to this new page for the details of the semantics, for the > CAVEATS, and for the BUGS. > While here, write a companion page ASN1_item_new(3) from scratch. > The user interface described in that page scares the hell out of > me, and i think people writing code to handle ASN.1 ought to be > aware of that dangerous user interface design, or they will sooner > or later get trapped. (schwarze@) ~ man/d2i_DSAPublicKey.3 > First example of how to fix the d2i_*() manuals: > - add four missing functions found in OpenSSL doc/man3/d2i_X509.pod > - simplify .Nd > - drop needless extra include line > - use the same parameter names as in ASN1_item_d2i(3) > - point to ASN1_item_d2i(3) for details > - sort the text and simplify the wording > More work is needed on STANDARDS references. (schwarze@) == sys =============================================================== 03/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/stand/efiboot ~ efidev.c > The unit of the parition offset in disklabel is number of sectors in the > sector size, not in 512 byte blocks. tested by gonzalo. (yasuoka@) arch/amd64/stand/libsa ~ softraid_amd64.c > Make the boot programs support booting from softraid on 4K byte sector > disks. > test gonzalo > ok tom krw jsing (yasuoka@) arch/arm/cortex ~ ampintc.c > Match on "arm,gic-400" another GICv2 compat string. > ok patrick@ kettenis@ (jsg@) arch/arm64/dev ~ ampintc.c > Match on "arm,gic-400" another GICv2 compat string. > ok patrick@ kettenis@ (jsg@) arch/armv7/sunxi ~ sxipio.c ~ sxipio_pins.h ~ sxipiovar.h > Add support for the 2nd sxipio(4) device on the Allwinner H3. (kettenis@) dev ~ softraidvar.h > Make the boot programs support booting from softraid on 4K byte sector > disks. > test gonzalo > ok tom krw jsing (yasuoka@) dev/pci ~ drm/i915/intel_lvds.c > Put a bit more unused code under #ifdef notyet to prevent a clang warning. > (kettenis@) ~ drm/i915/intel_tv.c > Remove some unused variables that have been removed upstream as well. > Fixes some clang warnings. > ok jsg@ (kettenis@) netinet ~ ip_ah.c ~ ip_esp.c ~ ip_ipcomp.c > Grab the NET_LOCK() before calling ipsp_process_done() as it ends up > in ip_output(). > Found the hardway by and ok kettenis@ (mpi@) == usr.bin =========================================================== 04/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin ftp ~ fetch.c > Correctly handle tls_read()/tls_write(). > In one tls_read() case, we failed to check for WANT_{POLLIN,POLLOUT}, so > fix that. In the same tls_read() case and the tls_write() case we fail to > handle errors correctly, which means that error is not reported and can be > lost by a futher libtls call. > ok beck@ jca@ (jsing@) == usr.sbin ========================================================== 05/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin ospf6d ~ printconf.c > Print metric and type for "redistribute" in ospf6d -v. > Similar diff as for ospfd, from Remi Locherer. ok stsp@ (jca@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
