OpenBSD src changes summary for 2017-05-12 ==========================================
bin/ksh regress/lib regress/sys sbin/ifconfig share/man sys/arch/amd64/amd64 sys/arch/amd64/include sys/arch/arm/include sys/arch/arm64/include sys/arch/i386/i386 sys/arch/i386/include sys/arch/powerpc/include sys/dev/hid sys/dev/ic sys/dev/usb sys/dev/wscons sys/net sys/netinet sys/netinet6 usr.bin/mandoc usr.bin/tmux usr.sbin/smtpd usr.sbin/syspatch usr.sbin/user == bin =============================================================== 01/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin ksh ~ emacs.c > Improve UTF-8 handling on lines that are wider than the terminal, > in two respects: > 1. During output in x_e_putc(), when counting display columns, > skip UTF-8 continuation bytes. Fixes backward movements that > cause horizontal scrolling. > 2. After deleting characters, recalculate the last byte that fits > on the line. > Patch from <Anton dot Lindqvist at gmail dot com> on tech@. > OK millert@ tb@ (schwarze@) == regress =========================================================== 02/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib ~ libsndio/cap/cap.c > Fix typos and spacing. From Andre Smagin <as at smagin.com>. Thanks. > (ratchov@) sys ~ netinet/ipsec/Makefile ~ netinet/ipsec/README + netinet/ipsec/pf.conf > Run all IPsec tests with a pf rule that logs everything on the enc0 > interface. Use tcpdump to write the pflog0 output into a file. > Then grep can verify that all encrypted packets have been processed > by pf. (bluhm@) == sbin ============================================================== 03/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin ifconfig ~ ifconfig.8 > Make the markup of negative parameters consistently use .Cm; > those are command modifiers, not flags. Inconsistency noticed > and patch sent in by Anton dot Lindqvist at gmail dot com. (schwarze@) == share ============================================================= 04/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man7/ports.7 > No more CD-ROM releases, and advertise HTTP for > package download rather than FTP. Based on a patch > from <timo dot myyra at wickedbsd dot net>, tweaked by me. (schwarze@) == sys =============================================================== 05/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/amd64 ~ copy.S > Make copyin(9) and copyout(9) atomic for naturally aligned 32-bit words. > ok mpi@, visa@ (kettenis@) arch/amd64/include ~ atomic.h > Make atomic.h ready to be included in userland. > - prefix the LOCK macro with an underscore > - keep setbits/clearbits and virtio barriers inside _KERNEL > ok dlg@, kettenis@ (mpi@) arch/arm/include ~ atomic.h > Make atomic.h ready to be included in userland. > - keep setbits/clearbits and virtio barriers inside _KERNEL > - prefix def_atomic_xxx macros with underscores (mpi@) arch/arm64/include ~ atomic.h > Make atomic.h ready to be included in userland. > - keep setbits/clearbits and virtio barriers inside _KERNEL > ok dlg@, kettenis@ (mpi@) arch/i386/i386 ~ locore.s > Make atomic.h ready to be included in userland. > - prefix the LOCK macro with an underscore > - keep setbits/clearbits and virtio barriers inside _KERNEL > - Get rid of unused futex_atomic_ucas_int32(). > ok dlg@, kettenis@ (mpi@) arch/i386/include ~ atomic.h > Make atomic.h ready to be included in userland. > - prefix the LOCK macro with an underscore > - keep setbits/clearbits and virtio barriers inside _KERNEL > - Get rid of unused futex_atomic_ucas_int32(). > ok dlg@, kettenis@ (mpi@) arch/powerpc/include ~ atomic.h > Make atomic.h ready to be included in userland. > - keep setbits/clearbits inside _KERNEL > ok dlg@, kettenis@ (mpi@) dev/hid ~ hidkbd.c > Introduce a new keyboard console hook to enter ddb(4) and make ukbd(4) > use it. > Instead of defering every input of a USB console keyboard to a timeout > via a queue of one element, only differ entering ddb(4) once a matching > control sequenece has been typed. > This prevent loosing inputs when a USB console keyboard is "too fast". > Fix a problem reported by matthieu@, Adam McDougall and Hrvoje Popovski. > ok stsp@, dlg@ (mpi@) dev/ic ~ nvme.c > subtract one sector from the disk size before passing it back to the > scsi layer, which will add one sector back > fixes incorrect disk size reporting which was causing fdisk to > create a protective MBR of one too many sectors, which caused our > EFI bootloader to fail to recognize it as a GPT disk > ok dlg (jcs@) dev/usb ~ ukbd.c > Introduce a new keyboard console hook to enter ddb(4) and make ukbd(4) > use it. > Instead of defering every input of a USB console keyboard to a timeout > via a queue of one element, only differ entering ddb(4) once a matching > control sequenece has been typed. > This prevent loosing inputs when a USB console keyboard is "too fast". > Fix a problem reported by matthieu@, Adam McDougall and Hrvoje Popovski. > ok stsp@, dlg@ (mpi@) dev/wscons ~ wskbd.c ~ wskbdvar.h > Introduce a new keyboard console hook to enter ddb(4) and make ukbd(4) > use it. > Instead of defering every input of a USB console keyboard to a timeout > via a queue of one element, only differ entering ddb(4) once a matching > control sequenece has been typed. > This prevent loosing inputs when a USB console keyboard is "too fast". > Fix a problem reported by matthieu@, Adam McDougall and Hrvoje Popovski. > ok stsp@, dlg@ (mpi@) net ~ if_switch.c ~ switchofp.c > Make a kernel with switch(4) but without INET6 compile again. > Sprinkle some #ifdef INET6 and do not use in6addr_any from the > netinet6 code. > test and OK rzalamena@ (bluhm@) ~ fq_codel.c ~ fq_codel.h > Export delay statistics instead of bucket information (mikeb@) ~ if_bridge.c > Unify duplicate code from address family switch in bridge_ipsec(). > Remove an if condition that cannot happen. > OK mikeb@ (bluhm@) netinet ~ ip_input.c ~ ip_var.h > Use the IPsec policy check from ipv4_input() also when forwarding > in ip6_input(). While there avoid an ugly #ifdef in ipv4_input(). > OK mikeb@ (bluhm@) ~ ipsec_input.c > Instead of printing a debug message at the end of processing, panic > early if the IPsec security protocol is unknown. ipsec_common_input() > and ipsec_common_input_cb() can only be called with the IP protocols > ESP, AH, or IPComp. Everything else is a programming mistake. > OK claudio@ (bluhm@) ~ tcp_usrreq.c > Use the common switch(af) construct for address family specific > code in tcp_usrreq(PRU_CONNECT). Do not access sockaddr_in before > checking the address family. Return EAFNOSUPPORT error in the > default case. > OK mikeb@ (bluhm@) ~ ip_input.c ~ ip_var.h ~ ipsec_input.c > IPsec packets were passed through ip_input() a second time after > they have been decrypted. That means that all the IP header fields > were checked twice. Also fragment reassembly was tried twice. > At pf incoming packets in tunnel mode appeared twice on the enc0 > interface, once as IP-in-IP and once as the inner packet. In the > outgoing path pf only sees the inner packet. Asymmetry is bad for > stateful filtering. > IPv6 shows that IPsec works without that. After decrypting immediately > continue with local delivery. In tunnel mode the IP-in-IP protocol > functions pass the inner header to ip6_input(). In transport mode > only pf_test() has to be called for the enc0 device. > Introduce ip_local() to avoid needless processing and cleaner pf > behavior in IPv4 IPsec. > OK mikeb@ (bluhm@) netinet6 ~ ip6_input.c > Use the IPsec policy check from ipv4_input() also when forwarding > in ip6_input(). While there avoid an ugly #ifdef in ipv4_input(). > OK mikeb@ (bluhm@) == usr.bin =========================================================== 06/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin mandoc ~ Makefile > Fix the man.cgi target after the recent file additions; > this didn't break the build because it's not built by default. (schwarze@) ~ html.c ~ mdoc_html.c > Make the tag column in .Bl -tag lists wider: > 1. I forgot about the 2n padding between tag and body. > 2. The factor 1.1 was too small for bold fold, make it *1.15 + 1n. > Ugliness spotted by tb@. (schwarze@) tmux ~ format.c ~ tmux.h ~ window-copy.c ~ window.c > Store copy mode search string in pane so search-again command works even > if you exit and reenter copy mode (it doesn't remember the position, > just the search string), suggested by espie@. (nicm@) ~ tty.c > Can use DECFRA to clear area when not using default background. (nicm@) ~ input.c ~ screen-write.c ~ tmux.h ~ tty.c > ECH needs to use background colour. (nicm@) ~ tty.c > Can use INDN to clear regions with default background colour if margins > are supported. (nicm@) ~ tty.c > Regions can't be smaller than 2 so don't try to clear them by scrolling if > so. (nicm@) ~ grid-view.c ~ grid.c ~ input.c ~ screen-write.c ~ server-fn.c ~ tmux.h ~ tty.c ~ window-copy.c > Scrolling needs to use background colour. (nicm@) ~ format.c > Only redraw single client, and tweak some logging. (nicm@) ~ screen-write.c > Need to clear tty context before using it. (nicm@) ~ tty.c > Cannot rely on cursor position after DL and IL (some terminals move to > column 0, some do not). (nicm@) ~ screen-write.c > Need to store bg for ECH. (nicm@) ~ grid.c > When expanding a line in order to clear it, we need to use the default > background colour - there may be portions that we do not want to clear > with the new background colour. (nicm@) ~ format.c > Reset updated flag when restarting job so new output is detected, > reported by Gregory Pakosz in GitHub issue 922. (nicm@) ~ format.c > Remove an unused variable. (nicm@) ~ tty.c > Can scroll away full lines to clear them too. (nicm@) ~ tty.c > Compare >= for columns not >. (nicm@) == usr.sbin ========================================================== 07/07 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin smtpd ~ smtpd.c > queue is not owned by _smtpd but _smtpq so a bug in lookup process does not > allow read/write of envelopes and messages, unfortunately the purge_task() > function which is in charge of garbage collecting left-overs from aborted > transactions is still executed as _smtpd preventing it from working. > issue reported by Philippe Meunier, fix from Edgar Pettijohn (gilles@) syspatch ~ syspatch.sh > Make sure we have a valid URL in /etc/installurl to prevent ending up stuck > in > ftp(1) interactive mode. > reported by and OK sthen@ (ajacoutot@) user ~ user.c > Replace memset(3) with explicit_bzero(3) on user(8) on sensitive data > (passwords) as soon as they are not needed on memory anymore. > OK millert@ (mestre@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
