OpenBSD src changes summary for 2016-12-26 ==========================================
bin/pax lib/libcrypto lib/libssl lib/libtls regress/lib regress/usr.sbin sbin/restore sys/arch/amd64/amd64 sys/arch/arm64/arm64 sys/arch/armv7/imx sys/arch/macppc/dev sys/dev/ic sys/dev/pci sys/net80211 sys/netinet sys/netinet6 usr.sbin/bgpd usr.sbin/ospfd == bin =============================================================== 01/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin pax ~ options.c ~ tables.c > Put some variable declarations under appropriate #if/#endif protection > so gcc doesn't complain about defining but not using them. > typo correction & ok jca@ (krw@) == lib =============================================================== 02/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libcrypto ~ man/ASN1_item_d2i.3 > describe what happens for val_out == NULL and for der_out == NULL > (schwarze@) ~ man/d2i_RSAPublicKey.3 > Basic cleanup: > Simplify one-line description. > List each function with the correct header file. > Use the same parameter names as in ASN1_item_d2i(3). > Point to ASN1_item_d2i(3) for details. > Sort the text. > Add some useful cross references. (schwarze@) ~ man/d2i_RSAPublicKey.3 > add eight missing functions found in OpenSSL doc/man3/d2i_X509.pod > (schwarze@) ~ man/d2i_RSAPublicKey.3 > Document d2i_RSA_PSS_PARAMS(3) and i2d_RSA_PSS_PARAMS(3) > found in OpenSSL doc/man3/d2i_X509.pod. > Add STANDARDS references. (schwarze@) ~ man/Makefile + man/d2i_PKCS12.3 > Write the missing d2i_PKCS12(3) manual page from scratch. > It is already referenced from some other manuals. > All these functions are listed in <openssl/pkcs12.h> > and in OpenSSL doc/man3/d2i_X509.pod. (schwarze@) ~ man/Makefile + man/d2i_PKCS7.3 > Write the missing d2i_PKCS7(3) manual page from scratch. > It is already referenced by one other manual page. > All these functions are listed in <openssl/pkcs7.h> > and in OpenSSL doc/man3/d2i_X509.pod. (schwarze@) ~ man/d2i_PKCS7.3 > also document the weird i2d_PKCS7_NDEF(3) > listed in <openssl/pkcs7.h> and OpenSSL doc/man3/d2i_X509.pod (schwarze@) ~ des/fcrypt.c > Typo, "more then" -> "more than" (jca@) libssl ~ ssl_asn1.c > Restore previous behaviour of incrementing the pointer so that it points > at the end of the buffer. > Issue identified by and diff from Kazuki Yamaguchi <k at rhe.jp>. (jsing@) ~ ssl_asn1.c > Restore previous ASN.1 encoding for the peer certificate - this was > unintentionally changed during the CBS/CBB rewrite. > Issue reported by jeremy@ due to failing ruby tests. > Analysis and near identical diff from Kazuki Yamaguchi <k at rhe.jp>. > (jsing@) ~ s3_clnt.c > Restore two frees that were unintentionally lost during recent refactoring. > (jsing@) libtls ~ tls.c ~ tls_client.c > Hook up a certificate verify callback so that we can set user friendly > error messages, instead of libssl error strings. This gives us messages > like: > certificate verification failed: certificate has expired > Instead of: > 14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed > This also lets us always enable peer verification since the no verification > case is now handled via the callback. > Tested by tedu@ > ok beck@ (jsing@) == regress =========================================================== 03/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib ~ libssl/asn1/asn1test.c > Ensure that after an i2d_SSL_SESSION() call, the passed pointer now points > to the end of the buffer. (jsing@) ~ libssl/asn1/asn1test.c > Extend regress to include a peer certificate in the session. (jsing@) usr.sbin ~ ospfd/Client.pm > Typo, "more then" -> "more than" (jca@) == sbin ============================================================== 04/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin restore ~ tape.c > Put some variable declarations under appropriate #if/#endif protection > so gcc doesn't complain about defining but not using them. > typo correction & ok jca@ (krw@) == sys =============================================================== 05/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/amd64 ~ vmm.c > Pass through cacheline size information to guest. This was pointed out > to me by Christian Barthel who was encountering failures running Java > on amd64 vmm(4) guests. Apparently Java queries the cacheline info > and if we report "0", Java aborts. > Verified on amd64 vmm(4) guest. (mlarkin@) arch/arm64/arm64 ~ trap.c > Typo, "more then" -> "more than" (jca@) arch/armv7/imx ~ imxccm.c > Fix typo. (kettenis@) arch/macppc/dev ~ pm_direct.c > Fix typo, happend -> happened (jca@) dev/ic ~ wd33c93.c > Fix typo, happend -> happened (jca@) dev/pci ~ cs4280.c > Fix typo, happend -> happened (jca@) net80211 ~ ieee80211_mira.c > When calculating the set of MCS rates below a particular MCS, skip rates > which are not supported by both peers, as already done elsewhere. > ok phessler@ tb@ (stsp@) ~ ieee80211_proto.c > Allow using 11n mode with APs that do not advertise support for all of MCS > 0-7. > ok phessler@ tb@ (stsp@) netinet ~ tcp_usrreq.c > Typo, "more then" -> "more than" (jca@) netinet6 ~ ip6_input.c > Typo, "more then" -> "more than" (jca@) == usr.sbin ========================================================== 06/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin bgpd ~ parse.y > Typo, "more then" -> "more than" (jca@) ospfd ~ lsupdate.c > Fix typo, happend -> happened (jca@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
