OpenBSD src changes summary for 2017-01-25 ==========================================
distrib distrib/notes distrib/sets etc/Makefile gnu/usr.bin/binutils-2.17 gnu/usr.bin/clang lib/libc lib/libcrypto lib/libssl lib/libtls libexec/ld.so regress/lib regress/sys regress/usr.bin sbin/mount share/man share/termtypes sys/arch/amd64/conf sys/arch/amd64/isa sys/arch/arm64/arm64 sys/arch/arm64/conf sys/arch/arm64/include sys/arch/armv7/conf sys/arch/armv7/dev sys/arch/i386/isa sys/conf sys/dev/fdt sys/kern sys/net sys/net80211 sys/netinet sys/sys sys/uvm usr.bin/ftp usr.bin/make usr.bin/mandoc usr.bin/tmux usr.sbin/acme-client usr.sbin/bgpd usr.sbin/ocspcheck usr.sbin/pkg_add == distrib =========================================================== 01/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib distrib ~ Makefile > enter arm64 (deraadt@) notes + arm64/contents + arm64/features + arm64/hardware + arm64/install + arm64/prep + arm64/upgrade + arm64/whatis + arm64/xfer > Copy install notes for arm64 from armv7. These still need to be > modified to make sense for arm64. (patrick@) ~ arm64/contents ~ arm64/features ~ arm64/hardware ~ arm64/prep ~ arm64/whatis > Updates to OpenBSD/arm64 install notes. > with jsg@ (patrick@) ~ Makefile > Add arm64 to the allarchs target. > ok jsg@ (patrick@) sets ~ lists/base/md.arm64 ~ lists/comp/md.arm64 > sync (patrick@) == etc =============================================================== 02/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc Makefile ~ Makefile > +arm64 (patrick@) == gnu =============================================================== 03/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu usr.bin/binutils-2.17 ~ Makefile.bsd-wrapper ~ bfd/Makefile.am ~ bfd/Makefile.in ~ bfd/archures.c ~ bfd/bfd-in2.h ~ bfd/config.bfd ~ bfd/configure ~ bfd/targets.c ~ include/elf/common.h ~ opcodes/configure ~ opcodes/configure.in + bfd/cpu-aarch64.c + bfd/elf64-aarch64.c > Stub out aarch64 support and avoid building gas and ld on this > architecture. > ok mpi@, patrick@ (kettenis@) usr.bin/clang ~ Makefile ~ Makefile.arch > Descend into the arch specific subdirectory for every arch on > make obj. This will enable us to add clang to the build. > "if it works" kettenis@ > ok jsg@ (patrick@) ~ Makefile.arch + include/llvm/Mips/Makefile + libLLVMMipsAsmParser/Makefile + libLLVMMipsAsmPrinter/Makefile + libLLVMMipsCodeGen/Makefile + libLLVMMipsDesc/Makefile + libLLVMMipsDisassembler/Makefile + libLLVMMipsInfo/Makefile > Add infrastructure to build LLVM for mips64. > "check with visa@" kettenis@ > "go ahead" visa@ (patrick@) == lib =============================================================== 04/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libc ~ arch/aarch64/sys/cerror.S > __errno() returns a 32-bit pointer, so make sure we write a 32-bit > value to and not overwrite other bits by writing a 64-bit value. (patrick@) libcrypto ~ bn/bn.h ~ bn/bn_gcd.c ~ bn/bn_lcl.h ~ bn/bn_x931p.c ~ rsa/rsa_chk.c ~ rsa/rsa_gen.c > Construct a BN_gcd_nonct, based on BN_mod_inverse_no_branch, as suggested > by Alejandro Cabrera <[email protected]> to avoid the possibility of a > sidechannel timing attack during RSA private key generation. > Modify BN_gcd to become not visible under LIBRESSL_INTERNAL and force > the use of the _ct or _nonct versions of the function only within > the library. > ok jsing@ (beck@) ~ man/BN_bn2bin.3 > document BN_asc2bn(3); > jsing@ confirmed that it is a public function worth documenting (schwarze@) libssl ~ ssl.h > Provide defines for SSL_CTRL_SET_CURVES/SSL_CTRL_SET_CURVES_LIST for things > that are conditioning on these. > From BoringSSL. > ok beck@ (jsing@) ~ d1_pkt.c ~ s3_pkt.c ~ ssl_locl.h > Provide ssl3_packet_read() and ssl3_packet_extend() functions that improve > the awkward API provided by ssl3_read_n(). Call these when we need to > read or extend a packet. > ok beck@ (jsing@) ~ d1_lib.c ~ ssl_locl.h > Change the SSL_IS_DTLS() macro to check the version, rather than using a > flag in the encryption methods. We can do this since there is currently > only one DTLS version. This makes upcoming changes easier. > ok beck@ (jsing@) ~ s23_clnt.c ~ ssl_lib.c ~ ssl_locl.h > Limit enabled version range by the versions configured on the SSL_CTX/SSL, > provide an ssl_supported_versions_range() function which also limits the > versions to those supported by the current method. > ok beck@ (jsing@) libtls - tls_init.3 ~ Makefile + man/Makefile + man/tls_accept_socket.3 + man/tls_client.3 + man/tls_config_ocsp_require_stapling.3 + man/tls_config_set_protocols.3 + man/tls_config_set_session_id.3 + man/tls_config_verify.3 + man/tls_conn_version.3 + man/tls_connect.3 + man/tls_init.3 + man/tls_load_file.3 + man/tls_ocsp_process_response.3 + man/tls_read.3 > split the tls_init(3) that had grown fat to allow healthy future growth; > suggested by jsing@; "i would just chuck it in" jmc@ (schwarze@) == libexec =========================================================== 05/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/libexec ld.so ~ mips64/rtld_machine.c > Fix build on mips64. (visa@) == regress =========================================================== 06/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib + libcrypto/rsa/Makefile + libcrypto/rsa/rsa_test.c > Add rsa test from openssl, since it has a license now (beck@) ~ libcrypto/Makefile > link in rsa test (beck@) + libcrypto/CA/Makefile + libcrypto/CA/doit.sh + libcrypto/CA/index.txt + libcrypto/CA/intermediate.cnf + libcrypto/CA/root.cnf > Add start of a regress for cert gen and validation. not clean, won't > hook it up yet (beck@) ~ libssl/unit/ssl_versions.c > Update ssl versions regress to handle min/max configured versions and > the cover the ssl_supported_version_range() function. (jsing@) sys ~ arch/m88k/Makefile > Do not try to execute this test on !m88k archs. > Logic taken from the sparc64 regress, to avoid false negative on bluhm@'s > regression test infrastructure. (mpi@) usr.bin ~ mdoclint/mdoclint > +arm64; (jmc@) == sbin ============================================================== 07/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin mount ~ mount.c > Some simple cleanup: > * check strdup for malloc failure > * remove obvious /* NOTREACHED */ > * return instead of exit from main > * err(1, NULL) instead of err(1, "malloc") > * mark usage as __dead > ok deraadt (tb@) == share ============================================================= 08/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man7/mdoc.7 > add "arm64" as a valid .Dt arch argument; > inspired by deraadt@'s commit to usr.bin/mandoc/cgi.c (schwarze@) termtypes ~ termtypes.master > Add xterm+edit to tmux so that we get the old Home and End sequences > (only the modified ones are needed from xterm+pcfkeys). (nicm@) == sys =============================================================== 09/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/conf ~ Makefile.amd64 > Build amd64 kernels with -ffreestanding. Synchronize the arm64 and armv7 > kernel makefiles, that are using -ffreestanding already, with the amd64 > one. > Other architectures will follow later. > ok jca@, visa@ (kettenis@) arch/amd64/isa ~ clock.c > tedu some code that has not been executed since time_t became 64 bits > guenther@ deraadt@ (tom@) arch/arm64/arm64 ~ support.S > Add assembly helpers for calling the hypervisor and secure monitor. > ok jsg@ (patrick@) ~ support.S > Setjmp should return zero, while longjmp should return nonzero in > kernel. Since those are only used by ddb, guard them with DDB. (patrick@) arch/arm64/conf ~ Makefile.arm64 > Silence warnings caused by LLVM upgrade. (patrick@) ~ GENERIC ~ RAMDISK > enable plrtc(4) and psci(4) > ok patrick@ (jsg@) ~ Makefile.arm64 > Build amd64 kernels with -ffreestanding. Synchronize the arm64 and armv7 > kernel makefiles, that are using -ffreestanding already, with the amd64 > one. > Other architectures will follow later. > ok jca@, visa@ (kettenis@) arch/arm64/include ~ _types.h > Setjmp and longjmp save/restore 13 registers in a label_t struct, > not only 11 registers. (patrick@) arch/armv7/conf ~ files.armv7 > Move psci(4) and plrtc(4) so arm64 can use them. > Tested by and ok patrick@ (jsg@) ~ Makefile.armv7 > Build amd64 kernels with -ffreestanding. Synchronize the arm64 and armv7 > kernel makefiles, that are using -ffreestanding already, with the amd64 > one. > Other architectures will follow later. > ok jca@, visa@ (kettenis@) arch/armv7/dev - psci.c - plrtc.c > Move psci(4) and plrtc(4) so arm64 can use them. > Tested by and ok patrick@ (jsg@) arch/i386/isa ~ clock.c > tedu some code that has not been executed since time_t became 64 bits > guenther@ deraadt@ (tom@) conf ~ GENERIC > enable BFD > OK deraadt@ (phessler@) dev/fdt ~ files.fdt + plrtc.c + psci.c > Move psci(4) and plrtc(4) so arm64 can use them. > Tested by and ok patrick@ (jsg@) kern ~ Makefile > +arm64 (deraadt@) ~ sched_bsd.c ~ uipc_socket.c ~ uipc_socket2.c ~ uipc_syscalls.c ~ uipc_usrreq.c > Enable the NET_LOCK(), take 2. > Recursions are currently known and marked a XXXSMP. > Please report any assert to bugs@ (mpi@) ~ sys_process.c > deSCARGize sys_ptrace() > ok mpi@ (guenther@) ~ uipc_syscalls.c > Allocate and connect sockets first, then upon success create file > descriptors so that the NET_LOCK is satisfied. > ok mpi (deraadt@) ~ uipc_mbuf.c > Clear the reference of the original mbuf chain after m_split()'ing > a mbuf and properly intialize m_len. > From FreeBSD via Imre Vadasz. > ok bluhm@ (mpi@) ~ uipc_socket.c > As NET_LOCK() is a read/write lock, it can sleep in sotask(). So > the TASKQ_CANTSLEEP flag is no longer valid for the splicing thread. > OK mikeb@ (bluhm@) ~ kern_synch.c ~ sys_socket.c > Introduce a hack to remove false-positives when looking for memory > allocation that can sleep while holding the NET_LOCK(). > To be removed once we're confident the remaining code paths are safe. > Discussed with deraadt@ (mpi@) net ~ if.c ~ if_pflow.c ~ pf.c > Enable the NET_LOCK(), take 2. > Recursions are currently known and marked a XXXSMP. > Please report any assert to bugs@ (mpi@) ~ if_etherip.c ~ if_etherip.h ~ if_gif.c ~ if_gif.h ~ if_pfsync.c ~ if_pfsync.h > Since raw_input() and route_input() are gone from pr_input, we can > make the variable parameters of the protocol input functions fixed. > Also add the proto to make it similar to IPv6. > OK mpi@ guenther@ millert@ (bluhm@) ~ if.c > Introduce a hack to remove false-positives when looking for memory > allocation that can sleep while holding the NET_LOCK(). > To be removed once we're confident the remaining code paths are safe. > Discussed with deraadt@ (mpi@) net80211 ~ ieee80211_input.c > In amsdu_decap() check the actual length of the data in the remaining mbuf > chain. Else this function will sometimes signal end of AMSDU frame too > early. > Patch by Imre Vadasz. > ok mpi@ phessler@ (stsp@) netinet ~ igmp.c ~ igmp_var.h ~ ip_carp.c ~ ip_carp.h ~ ip_divert.c ~ ip_divert.h ~ ip_ether.c ~ ip_ether.h ~ ip_gre.c ~ ip_gre.h ~ ip_icmp.c ~ ip_icmp.h ~ ip_input.c ~ ip_ipip.c ~ ip_ipsp.h ~ ip_var.h ~ ipsec_input.c ~ raw_ip.c ~ tcp_input.c ~ tcp_var.h ~ udp_usrreq.c ~ udp_var.h > Since raw_input() and route_input() are gone from pr_input, we can > make the variable parameters of the protocol input functions fixed. > Also add the proto to make it similar to IPv6. > OK mpi@ guenther@ millert@ (bluhm@) sys ~ filedesc.h ~ systm.h > Enable the NET_LOCK(), take 2. > Recursions are currently known and marked a XXXSMP. > Please report any assert to bugs@ (mpi@) ~ protosw.h > Since raw_input() and route_input() are gone from pr_input, we can > make the variable parameters of the protocol input functions fixed. > Also add the proto to make it similar to IPv6. > OK mpi@ guenther@ millert@ (bluhm@) uvm ~ uvm_vnode.c > Enable the NET_LOCK(), take 2. > Recursions are currently known and marked a XXXSMP. > Please report any assert to bugs@ (mpi@) == usr.bin =========================================================== 10/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin ftp ~ ftp.1 > cetificate -> certificate; (jmc@) make ~ varmodifiers.c > off-by-one, leading to segfaults. Trivial fix. > reported by jasper@ (espie@) mandoc ~ cgi.c ~ html.c ~ mdoc_html.c > Improve HTML formatting of .Bl -tag. > In particular, when using the style sheet, put the body on the same > line as the head for short heads, or on the next line for long > heads, in a way that preserves both correct indentation and correct > vertical spacing with and without -compact, and with one or more > heads per body (hi, Zaphod) - eight use cases so far - and with and > without -tag, and with and without -offset, 32 use cases grand total. > Using many ideas from zhuk@, from <David dot Dahlberg at fkie dot > fraunhofer dot de>, and from Benny Lofgren <bl dash lists at lofgren > dot biz>, and a few of my own. > This is an excellent demonstration that CSS is an extremely hostile > language, much more trapful and much harder to use than, say, C. > When matthew@ reported this in July 2014 (!), it was already a known > issue, and i no longer remember for how long. My first serious > attempt at fixing it (in November 2015) failed miserably. I'd love > to see simplifications of both the generated HTML code and of the > style sheet, but without breaking any of the 32 use cases, please. > (schwarze@) ~ Makefile + mandoc.css > Add the style sheet used on man.openbsd.org to the source tree. > It is NOT used during "make build" and NOT installed, but it is > helpful for people trying to read and understand html.c and mdoc_html.c, > and maybe even for users of mandoc -Thtml. > OK deraadt@ (schwarze@) ~ cgi.c > +arm64 (deraadt@) tmux ~ input-keys.c ~ tmux.1 ~ tmux.h ~ xterm-keys.c > If xterm-keys is on, use xterm(1) style keys for Home and End as well as > modified keys. (nicm@) ~ input-keys.c ~ tmux.h ~ xterm-keys.c > Revert previous for now, it will break TERM=screen. (nicm@) ~ cmd-set-option.c > Clear option before adding to array if no -a, reported by Michael > Nickerson. (nicm@) == usr.sbin ========================================================== 11/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin acme-client ~ http.h > remove __BEGIN_DECLS and __END_DECLS from http.h > sync with ocspcheck and acme-client > ok benno@ (inoguchi@) bgpd ~ bgpd.h ~ parse.y > Flag the Loc-RIB with F_RIB_LOCAL so we can remove one ugly hack somewhere > else (claudio@) ~ rde.c ~ rde.h ~ rde_decide.c ~ rde_rib.c > Switch rde_generate_update and rde_send_kroute to accept a struct rib > instead > of the id. For this we move the rtableid into struct rib. Also move the > update > code in rib.c up to where the kroute code is. Makes more senses like that. > (claudio@) ~ rde.c ~ rde.h ~ rde_rib.c > Hopefully the last of the struct rib rototilling. Peer just points to a > struct rib and not rib_desc since the full descriptor is almost never > needed. > This should now allow the update code to be changed. (claudio@) ocspcheck ~ http.c > bring changes from acme-client over here. > ok beck@ (benno@) ~ http.h > remove __BEGIN_DECLS and __END_DECLS from http.h > sync with ocspcheck and acme-client > ok benno@ (inoguchi@) ~ ocspcheck.c > Fix array initialization syntax for ocspcheck.c > Conformance to C99, and avoiding build break on VisualStudio and HP-UX. > OK millert@ (inoguchi@) pkg_add ~ OpenBSD/PackageRepository.pm > some run environnement do not properly reset signals (e.g., python) and > as a result pkg_add + signify fails with weird error messages, as it relies > on default SIGPIPE behavior. > Finally fix the problem, sanitize our running environment before forking. > Problem reported by various people. (espie@) ~ OpenBSD/PkgInfo.pm > In some cases, pkg_info -e spec would display the spec instead of the > actual pkg name as intended. > (forgot who reported that one, sorry) (espie@) ~ OpenBSD/PkgDelete.pm > if the fs got badly damaged, display a decent error message instead of > erroring out when we can't read a plist. (espie@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
