OpenBSD src changes summary for 2017-01-09 ==========================================
distrib/miniroot lib/libtls libexec/ld.so regress/lib sbin/iked share/man sys/arch/i386/i386 sys/arch/luna88k/dev sys/ddb sys/dev/usb sys/kern sys/net sys/net80211 sys/netinet usr.bin/mandoc usr.bin/tmux usr.sbin/httpd usr.sbin/ldapd usr.sbin/npppd usr.sbin/ntpd usr.sbin/relayd usr.sbin/smtpd usr.sbin/snmpd usr.sbin/switchctl usr.sbin/switchd usr.sbin/vmd == distrib =========================================================== 01/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib miniroot ~ install.sub > Use a verified list of distribution set files extracted from > the SHA256.sig file which is signed by the OpenBSD project. > Deny the use of mirror servers where the verification fails. > Site specifc sets (siteXX.tgz and siteXX-hostname.tgz) or self > compiled sets in local setups are still supported by using the > index.txt file. Files listed in SHA256.sig override any file > listed in index.txt. > Support http://server and https://server as answers to the > "HTTP Server?" question. This allows a user to control the > logic used to download the set files on architectures that > have tls support for ftp(1). > 'server' --> Use https for the sets download. If the server > does not support https, fall back to http but only after > user confirmation. > 'https://server'--> Use https only for the sets download. > 'http://server' --> Use http only for the sets download. > NOTE: If the autoinstall(8) feature is used, the installer > aborts the installation or upgrade in the following cases: > - a mirror server provides an invalid SHA256.sig file > - 'server' is used, https fails and the question to confirm > the fallback to http is not answered in the response file. > - 'https://server' is used but ftp(1) has no tls support. > - 'https://server' is used but not supported by the server. > Suggested by, in joint work with and OK deraadt@ > Feedback, testing and OK tb@ > positive feedback halex@ for the http/https part (rpe@) == lib =============================================================== 02/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libtls ~ tls_conninfo.c > Avoid leaking conninfo servername. > Issue found by and fix from Shuo Chen <chenshuo at chenshuo dot com>. > (jsing@) == libexec =========================================================== 03/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/libexec ld.so ~ boot.c ~ loader.c ~ alpha/archdep.h ~ amd64/archdep.h ~ arm/archdep.h ~ hppa/archdep.h ~ hppa/rtld_machine.c ~ i386/archdep.h ~ m88k/archdep.h ~ mips64/archdep.h ~ powerpc/archdep.h ~ sh/archdep.h ~ sparc64/archdep.h > Remove dependency on __got_{start,end} symbols and look at PT_GNU_RELRO > instead. Result in a few more pages that aren't writable on some platforms > (such as hppa). Based on an initial diff from guenther@. > Thanks to deraadt@ for testing. > ok guenther@ (kettenis@) == regress =========================================================== 04/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib ~ libtls/verify/Makefile + libtls/Makefile.inc > Provide TLS_INT for consistency with libssl/libcrypto. (jsing@) == sbin ============================================================== 05/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin iked ~ control.c > Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with > TAILQ_FOREACH(). > No intentional functional change. > ok reyk@ (krw@) ~ control.c ~ iked.c ~ iked.h ~ log.c ~ proc.c ~ util.c > Stop accessing verbose and debug variables from log.c directly. > This replaces log_verbose() and "extern int verbose" with the two functions > log_setverbose() and log_getverbose(). > Pointed out by benno@ > OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well) (reyk@) == share ============================================================= 06/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man7/mdoc.7 > Clarify how tabs after .It work > because this is a really nasty trap for the unwary. > Triggered by a question from Abhinav Upadhyay <er dot abhinav dot > upadhyay at gmail dot com> (NetBSD) on discuss@. (schwarze@) == sys =============================================================== 07/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/i386/i386 ~ vmm.c > i386 vmm requires PAE mode to be in use. don't match vmm(4) if ! PAE. > (mlarkin@) arch/luna88k/dev ~ xp.c > Sync with NetBSD/luna68k changes. > >> Fix (mostly harmless) off-by-one size check in XPIOCDOWNLD ioctl. > >> Consistently use sc_shm_size initialized at device attach. > http://mail-index.netbsd.org/source-changes/2017/01/08/msg080666.html > http://mail-index.netbsd.org/source-changes/2017/01/08/msg080667.html > (aoyama@) ddb ~ db_interface.h ~ db_trap.c > Stop and restart the watchdog timer when entering and leaving ddb(4). > From Christian Ludwig. (mpi@) ~ db_interface.h ~ db_trap.c > Revert previous, it's a documented behavior and people might rely on it. > Pointed by deraadt@ (mpi@) dev/usb ~ if_urtw.c ~ ugold.c ~ umass.c ~ uoak_subr.c ~ usbdi_util.c ~ uthum.c > Remove unneeded <sys/malloc.h> from Michael W. Bombardieri. (mpi@) kern ~ kern_watchdog.c > Stop and restart the watchdog timer when entering and leaving ddb(4). > From Christian Ludwig. (mpi@) ~ kern_watchdog.c > Revert previous, it's a documented behavior and people might rely on it. > Pointed by deraadt@ (mpi@) net ~ pf.c > pf_purge_thread() needs the NET_LOCK(). > ok sashan@, visa@ (mpi@) ~ bpf.c ~ bpfdesc.h > Use a mutex to serialize accesses to buffer slots. > With this change bpf_catchpacket() no longer need the KERNEL_LOCK(). > Tested by Hrvoje Popovski who reported a recursion in the previous > attempt. > ok bluhm@ (mpi@) net80211 ~ ieee80211_output.c > Fix ieee80211_add_htop(), which is not yet called in active code paths. > It was creating a corrupt beacon element by ommitting one byte. > Fix this and fill the element with actual data from the ic_bss node instead > of filling it with zeroes, allowing future 11n hostap to announce the > current > HT protection mode correctly. (stsp@) ~ ieee80211_node.c > When acting as hostap, negotiate HT before calling the driver's > ic_newassoc() > function, not afterwards. Drivers now know whether a joining node supports > HT > which helps with setting up state such as which Tx rate to use. (stsp@) ~ ieee80211_node.c > The point of ieee80211_node_leave() is to place the node in COLLECT state. > Return early and do nothing if the node is already in COLLECT state upon > entry to this function. (stsp@) ~ ieee80211_input.c ~ ieee80211_node.c ~ ieee80211_var.h > Manage the HT protection setting if acting as hostap with 11n enabled. > For now we flip-flop only between non-member protection and non-HT > protection. > Running a HT network without protection would require monitoring > environmental > conditions (e.g. foreign beacons) which make HT protection necessary. > The ic_update_htprot driver function becomes optional because it won't be > needed by all drivers. Only call it if the driver has set a function > pointer. > ok tb@ (stsp@) ~ ieee80211_output.c > When acting as 11n hostap, send Microsoft WME parameters to clients so > that Linux clients will decide to use 11n mode. > ok phessler@ (stsp@) ~ ieee80211_node.c ~ ieee80211_output.c ~ ieee80211_var.h > Make the net80211 stack send EDCA parameters to the driver in hostap mode. > Fixes problems with timing of frame transmissions which caused packet loss. > tested by myself and tb@ > ok phessler@ mpi@ tb@ (stsp@) ~ ieee80211_mira.c > Show node MAC addresses in mira debug output. (stsp@) ~ ieee80211_mira.c > Stop defining MIRA_DEBUG by default. (stsp@) ~ ieee80211_input.c ~ ieee80211_node.c ~ ieee80211_node.h > When a HT node leaves or reassociates as a non-HT node, > clear HT capabilities stored in its node cache object. > A node may switch from 11n mode to 11a/b/g mode. > If we don't clear HT capabilities from the cache the node will > be mistaken as 11n-capable after reassociation. > ok phessler@ mpi@ (stsp@) netinet ~ ip_ah.c ~ ip_esp.c > Grab the NET_LOCK() in various callbacks. > Fix an assert reported by Hrvoje Popovski. > ok visa@, mikeb@ (mpi@) ~ ip_ipcomp.c > Grab the NET_LOCK() in ipcomp input callback. > OK mikeb@ mpi@ (visa@) == usr.bin =========================================================== 08/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin mandoc ~ main.c ~ mandoc.h ~ read.c > Warnings and errors that occur during mdoc_validate() > or during man_validate() have to affect the mandoc(1) EXIT STATUS. > Many thanks to <Yuri dot Pankov at gmail dot com> (illumos developer) > for reporting this regression. (schwarze@) ~ mdoc_html.c > The .No macro is not supposed to produce fixed-width font, it is not > the same as .Li, so don't use <code>. > Bug reported by <Anton dot Lindqvist at gmail dot com> on tech@. > (schwarze@) ~ main.c ~ tag.c > Use stdout rather than stdin for controlling the terminal > such that "cat foo.mdoc | man -l" works. > Issue reported by Christian Neukirchen <chneukirchen at gmail dot com> > and also tested by him on Void Linux with both glibc and musl. > The patch makes sense to millert@. (schwarze@) tmux ~ cfg.c ~ cmd-source-file.c ~ tmux.1 ~ tmux.h > Run the source-file pattern through glob(3). (nicm@) ~ cmd-source-file.c > source-file -q needs to apply to glob(3) too. (nicm@) ~ format.c ~ tmux.1 ~ tmux.h > Add simple comparisons in formats: #{==:a,b} and #{!=:a,b} ("a" and "b" > are expanded so can compare formats). And expand the condition to > #{?a,b,c} (the "a" part) if it doesn't work as a simple lookup. > Also add FORMAT_NOJOBS flag to disable jobs in a format. (nicm@) ~ cfg.c ~ tmux.1 > Add %if/%endif for conditionals when parsing configuration files, the > argument is a format (the new == and != are useful). (nicm@) == usr.sbin ========================================================== 09/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin httpd ~ control.c > Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with > TAILQ_FOREACH(). > No intentional functional change. > ok reyk@ (krw@) ~ control.c ~ httpd.c ~ httpd.h ~ log.c ~ proc.c ~ server.c > Stop accessing verbose and debug variables from log.c directly. > This replaces log_verbose() and "extern int verbose" with the two functions > log_setverbose() and log_getverbose(). > Pointed out by benno@ > OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well) (reyk@) ldapd ~ control.c > Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with > TAILQ_FOREACH(). > No intentional functional change. > ok reyk@ (krw@) npppd ~ npppd/control.c > Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with > TAILQ_FOREACH(). > No intentional functional change. > ok reyk@ (krw@) ntpd ~ control.c > Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with > TAILQ_FOREACH(). > No intentional functional change. > ok reyk@ (krw@) ~ log.c ~ ntpd.c ~ ntpd.h > Stop accessing verbose and debug variables from log.c directly. > This replaces log_verbose() and "extern int verbose" with the two functions > log_setverbose() and log_getverbose(). > Pointed out by benno@ > OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well) (reyk@) relayd ~ control.c > Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with > TAILQ_FOREACH(). > No intentional functional change. > ok reyk@ (krw@) ~ control.c ~ log.c ~ proc.c ~ relay.c ~ relay_udp.c ~ relayd.c ~ relayd.h ~ ssl.c > Stop accessing verbose and debug variables from log.c directly. > This replaces log_verbose() and "extern int verbose" with the two functions > log_setverbose() and log_getverbose(). > Pointed out by benno@ > OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well) (reyk@) smtpd ~ ca.c ~ control.c ~ filter.c ~ lka.c ~ log.c ~ log.h ~ makemap.c ~ mta.c ~ pony.c ~ queue.c ~ scheduler_ramqueue.c ~ smtpctl.c ~ smtpd.c ~ smtpd.h ~ util.c > smtpd joins the 7 other daemons that share the same log.c file. > The only major difference was the "log_trace" concept that is only > used by smtpd - move it from log.c into util.c and make it a local > concept. This also needed to rename the global "verbose" variable to > "tracing" in a few places. > OK krw@ gilles@ eric@ (reyk@) ~ log.c ~ log.h ~ scheduler.c ~ util.c > Stop accessing verbose and debug variables from log.c directly. > This replaces log_verbose() and "extern int verbose" with the two functions > log_setverbose() and log_getverbose(). > Pointed out by benno@ > OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well) (reyk@) snmpd ~ control.c ~ log.c ~ proc.c ~ snmpd.c ~ snmpd.h ~ traphandler.c ~ util.c > Stop accessing verbose and debug variables from log.c directly. > This replaces log_verbose() and "extern int verbose" with the two functions > log_setverbose() and log_getverbose(). > Pointed out by benno@ > OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well) (reyk@) switchctl ~ ofpclient.c > log_verbose() -> log_setverbose() (reyk@) switchd ~ control.c > Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with > TAILQ_FOREACH(). > No intentional functional change. > ok reyk@ (krw@) ~ control.c ~ log.c ~ proc.c ~ proc.h ~ switchd.c ~ util.c > Stop accessing verbose and debug variables from log.c directly. > This replaces log_verbose() and "extern int verbose" with the two functions > log_setverbose() and log_getverbose(). > Pointed out by benno@ > OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well) (reyk@) vmd ~ control.c > Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with > TAILQ_FOREACH(). > No intentional functional change. > ok reyk@ (krw@) ~ control.c ~ log.c ~ proc.c ~ proc.h ~ vmd.c > Stop accessing verbose and debug variables from log.c directly. > This replaces log_verbose() and "extern int verbose" with the two functions > log_setverbose() and log_getverbose(). > Pointed out by benno@ > OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well) (reyk@) ~ control.c > Rename control_dispatch_vmm to control_dispatch_vmd to reflect reality. > No function change. (reyk@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
