OpenBSD src changes summary for 2017-02-28 ==========================================
distrib/miniroot distrib/sets lib/libcrypto lib/libssl lib/libtls regress/sbin regress/sys sbin/iked sbin/ipsecctl sbin/isakmpd share/man share/zoneinfo sys/arch/alpha/alpha sys/arch/amd64/amd64 sys/arch/arm/arm sys/arch/arm64/arm64 sys/arch/arm64/conf sys/arch/hppa/hppa sys/arch/i386/i386 sys/arch/landisk/landisk sys/arch/loongson/loongson sys/arch/luna88k/luna88k sys/arch/macppc/macppc sys/arch/octeon/octeon sys/arch/sgi/sgi sys/arch/socppc/socppc sys/arch/sparc64/sparc64 sys/dev/acpi sys/kern sys/net sys/netinet sys/netinet6 sys/netmpls sys/stand sys/sys usr.bin/ftp usr.bin/ssh usr.sbin/crunchgen usr.sbin/vmctl usr.sbin/vmd == distrib =========================================================== 01/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib miniroot ~ install.sub > Modify the logic to determine the default answer for the "Location > of sets?" question. Present 'http' as the default answer if > /etc/installurl exists. This fixes the issue noted by aja@ and > espie@ that 'cd' was always overriding 'http'. > OK aja@ (rpe@) ~ install.sub > Create the /etc/installurl file during upgrade too if a mirror was > used and if the file did not yet exist. > discussed with aja@ and deraadt@ > OK tb@ aja@ (rpe@) sets ~ lists/base/mi > sync (deraadt@) == lib =============================================================== 02/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libcrypto ~ objects/objects.txt > Fix typo in issuingDistributionPoint description. (jsing@) ~ Makefile ~ Symbols.list ~ evp/evp.h + evp/m_md5_sha1.c > Add an EVP interface that provides concatenated MD5+SHA1 hashes, which are > used in various parts of TLS 1.0/1.1. > This will allow for code simplification in libssl. > The same interface exists in OpenSSL 1.1. > ok beck@ deraadt@ inoguchi@ millert@ (jsing@) ~ man/EVP_DigestInit.3 > Document EVP_md5_sha1(). (jsing@) ~ shlib_version > Bump minors due to symbol addition. (jsing@) libssl ~ ssl_clnt.c ~ ssl_lib.c ~ ssl_locl.h ~ ssl_srvr.c > Stop pretending that MD5 and SHA1 might not exist - rather than locating > "ssl3-md5" and "ssl-sha1", call the EVP_md5() and EVP_sha1() functions > directly. > ok beck@ inoguchi@ (jsing@) ~ shlib_version > Bump minors due to symbol addition. (jsing@) libtls ~ shlib_version > Bump minors due to symbol addition. (jsing@) == regress =========================================================== 03/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress sbin ~ route/rttest3.ok ~ route/rttest5.ok ~ route/rttest6.ok ~ route/rttest8.ok > Reflect recent net/route.c change. Adding a conflicting route no > longer increment a 'use' counter. (mpi@) sys ~ netinet6/frag6/LICENSE ~ netinet6/frag6/Makefile > Fragment reassembly code exists in pf and network stack. To test > both, run the tests in a loop. Disable and enable pf on the remote > machine automatically. (bluhm@) ~ netinet6/rh0/Makefile ~ netinet6/rh0/rh0_empty.py ~ netinet6/rh0/rh0_final.py ~ netinet6/rh0/rh0_frag2.py ~ netinet6/rh0/rh0_frag_empty.py ~ netinet6/rh0/rh0_frag_final.py ~ netinet6/rh0/rh0_frag_route.py ~ netinet6/rh0/rh0_none.py ~ netinet6/rh0/rh0_route.py + netinet6/rh0/LICENSE > IPv6 packets with routing header 0 are dropped by pf, but answered > with ICMP6 parameter problem by the network stack. This test expects > the ICMP6 packets, so disable pf on the remote machine temporarily. > (bluhm@) == sbin ============================================================== 04/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin iked ~ pfkey.c > Depending on the addresses, ipsecctl(8) automatically groups sa > bundles together. Extend the kernel interface to export the bundle > information to userland. Then ipsecctl -ss -v can show the internal > relations. Unfortunately the header SADB_X_EXT_PROTOCOL was reused > by SADB_X_GRPSPIS, so it cannot be used to transfer the second sa > type with sysctl. Introduce a new SADB_X_EXT_SATYPE2 and use it > consistently. > OK hshoexer@ markus@ (bluhm@) ipsecctl ~ pfkdump.c ~ pfkey.c > Depending on the addresses, ipsecctl(8) automatically groups sa > bundles together. Extend the kernel interface to export the bundle > information to userland. Then ipsecctl -ss -v can show the internal > relations. Unfortunately the header SADB_X_EXT_PROTOCOL was reused > by SADB_X_GRPSPIS, so it cannot be used to transfer the second sa > type with sysctl. Introduce a new SADB_X_EXT_SATYPE2 and use it > consistently. > OK hshoexer@ markus@ (bluhm@) isakmpd ~ pf_key_v2.c > Depending on the addresses, ipsecctl(8) automatically groups sa > bundles together. Extend the kernel interface to export the bundle > information to userland. Then ipsecctl -ss -v can show the internal > relations. Unfortunately the header SADB_X_EXT_PROTOCOL was reused > by SADB_X_GRPSPIS, so it cannot be used to transfer the second sa > type with sysctl. Introduce a new SADB_X_EXT_SATYPE2 and use it > consistently. > OK hshoexer@ markus@ (bluhm@) == share ============================================================= 05/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man9/buffercache.9 > geteblk() has been switched to size_t. > ok stefan, as part of a larger diff (natano@) zoneinfo ~ datfiles/africa ~ datfiles/antarctica ~ datfiles/asia ~ datfiles/australasia ~ datfiles/backward ~ datfiles/europe ~ datfiles/leapseconds ~ datfiles/northamerica ~ datfiles/southamerica ~ datfiles/zone.tab ~ datfiles/zone1970.tab > Update to tzdata2017a from ftp.iana.org (millert@) == sys =============================================================== 06/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/alpha/alpha ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/amd64/amd64 ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/arm/arm ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/arm64/arm64 ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/arm64/conf ~ GENERIC > build with USER_PCICONF to enable /dev/pci* (jsg@) arch/hppa/hppa ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/i386/i386 ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/landisk/landisk ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/loongson/loongson ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/luna88k/luna88k ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/macppc/macppc ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/octeon/octeon ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/sgi/sgi ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/socppc/socppc ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/sparc64/sparc64 ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) dev/acpi ~ acpi.c ~ acpibtn.c ~ acpisony.c ~ acpithinkpad.c ~ acpitoshiba.c ~ acpivar.h > Untangle abstract sleep modes from ACPI sleep states. This paves the way > for further work in the area. > idea and ok deraadt > ok mlarkin (natano@) kern ~ vfs_bio.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) net ~ rtable.c ~ art.c ~ art.h > Prevent a MP race in rtable_lookup(). > If an ART node is linked to multiple route entries, in the MPATH case, > it is not safe to dereference ``an_dst''. This non-refcounted pointer > can be changed at any time by another CPU. > So get rid of the pointer and use the first destination of a route entry > when comparing sockaddrs. > This allows us so remove a pointer from 'struct art_node' and save 5Mb of > memory in an IPv4 fullfeed. > ok jmatthew@, claudio@, dlg@ (mpi@) ~ route.c > Use rtable_match() rather than rtalloc(9) when adding a new route. > rtalloc(9) should be reserved for the hot path otherwise it's hard > to interpret the value of the 'use' counter. > ok claudio@ (mpi@) ~ if.c > Don't change the up status of the interface when changing its rdomain. > Diff from nagasaka@iij. > ok mpi (yasuoka@) ~ pfkeyv2.c ~ pfkeyv2.h ~ pfkeyv2_convert.c ~ pfkeyv2_parsemessage.c > Depending on the addresses, ipsecctl(8) automatically groups sa > bundles together. Extend the kernel interface to export the bundle > information to userland. Then ipsecctl -ss -v can show the internal > relations. Unfortunately the header SADB_X_EXT_PROTOCOL was reused > by SADB_X_GRPSPIS, so it cannot be used to transfer the second sa > type with sysctl. Introduce a new SADB_X_EXT_SATYPE2 and use it > consistently. > OK hshoexer@ markus@ (bluhm@) netinet ~ ipsec_input.c > Some refactoring in ip6_input() needed to un-KERNEL_LOCK() the IPv6 > forwarding path. > Rename ip6_ours() in ip6_local() as this function dispatches packets > to the upper layer. > Introduce ip6_ours() and get rid of 'goto hbhcheck'. This function > will be later used to enqueue local packets. > As a bonus this reduces differences with IPv4. > Inputs and ok bluhm@ (mpi@) netinet6 ~ ip6_input.c ~ ip6_var.h > Some refactoring in ip6_input() needed to un-KERNEL_LOCK() the IPv6 > forwarding path. > Rename ip6_ours() in ip6_local() as this function dispatches packets > to the upper layer. > Introduce ip6_ours() and get rid of 'goto hbhcheck'. This function > will be later used to enqueue local packets. > As a bonus this reduces differences with IPv4. > Inputs and ok bluhm@ (mpi@) netmpls ~ mpls.h > Remove mpls_raw_usrreq() prototype, that function is gone. (claudio@) stand ~ efi/include/efidevp.h > Update header to clean up defines, add the SATA device path and the > EFI_DEVICE_PATH_TO_TEXT_PROTOCOL protocol. > ok yasuoka@ (patrick@) sys ~ buf.h > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) == usr.bin =========================================================== 07/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin ftp ~ fetch.c > Use a do{}while loop with ssize_t return value when calling tls_read() > problem noted by and ok jsg@ (guenther@) ssh ~ packet.c > small memleak: free fd_set on connection timeout (though we are heading to > exit anyway). From Tom Rix in bz#2683 (djm@) == usr.sbin ========================================================== 08/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin crunchgen ~ crunchgen.c > Make object-in-archive-used identification portable to lld: use --trace > instead of -M and transform the output to a common > /path/to/archive.a(object.o) > syntax. > problem noted by jsg@ > ok kettenis@ jsg@ (guenther@) vmctl ~ vmctl.c > Use fmt_scaled(3) in vmctl status output to print curmem/maxmem > This matches the accepted input in vmctl start and vm.conf that > supports using M, G, T etc. instead of a hardcoded MB. It also allows > to shrink the column size as the unit will be scaled automatically. > OK mlarkin@ (reyk@) vmd ~ vm.conf.5 > Sort vm.conf(5) config options alphabetically > OK mlarkin@ (reyk@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
