OpenBSD src changes summary for 2017-08-09 ==========================================
lib/libssl lib/libtls sbin/dhclient share/mk sys/arch/amd64/amd64 sys/arch/amd64/include sys/arch/arm64/arm64 sys/arch/arm64/dev sys/arch/arm64/include sys/arch/i386/include sys/arch/octeon/dev sys/dev/acpi sys/dev/pci sys/kern sys/netinet6 sys/nfs usr.bin/bgplg usr.bin/mandoc usr.bin/tmux usr.sbin/ndp usr.sbin/relayd usr.sbin/smtpd usr.sbin/vmd == lib =============================================================== 01/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libssl ~ s3_lib.c > Fix conditionals for DH controls. (jsing@) ~ s3_lib.c > Remove unnecessary curly braces and unindent. Also add a few blank lines > for readability. (jsing@) ~ s3_lib.c > Start splitting out controls into individual functions, so that they can > eventually be exposed as direct functions/symbols. (jsing@) ~ s3_lib.c > Split more controls into individual functions. (jsing@) ~ s3_lib.c > Split out the remaining SSL controls into individual functions. (jsing@) ~ s3_lib.c > Be consistent and return from each SSL control case, rather than breaking > from some. (jsing@) ~ s3_lib.c > Start splitting out SSL_CTX controls into individual functions, so that > they can eventually be exposed as direct functions/symbols. (jsing@) ~ s3_lib.c > Split out the remaining SSL_CTX controls into individual functions. > (jsing@) ~ s3_lib.c > Consistently return from each SSL/SSL_CTX control case, rather than > breaking from some and returning from others. (jsing@) ~ ssl_lib.c ~ ssl_locl.h ~ t1_lib.c > Pull out the code that identifies if we have an ECC cipher in the cipher > list or if we are negotiating an ECC cipher in the handshake. This dedups > some of the existing code and will make the EC extension rewrites easier. > ok doug@ (jsing@) libtls ~ tls.c ~ tls_config.c ~ tls_internal.h > Don't use tls_cert_hash for the hashing used by the engine offloading magic > for the TLS privsep code. Instead use X509_pubkey_digest() because only the > key should be used as identifier. Relayd is rewriting certificates and then > the hash would change. Rename the hash is struct tls_keypair to pubkey_hash > to make clear what this hash is about. > With input and OK jsing@ (claudio@) == sbin ============================================================== 02/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ dhclient.c ~ dispatch.c > Add some additional poll() error checking. Remove checks > for EAGAIN as that is not a possible poll() errno. > suggestions & ok guenther@ (krw@) ~ dhcpd.h ~ dispatch.c ~ kroute.c > Stop obsessively flushing the imsg connection. Just > flush any queued messages on getting a POLLOUT. (krw@) == share ============================================================= 03/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share mk ~ bsd.lib.mk > switch the order of substitutions for syspatch object file order to avoid > deleting ../ in the path (robert@) == sys =============================================================== 04/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/amd64 ~ vmm.c > typo in comment (mlarkin@) ~ vmm.c > Expose TSC to vmm guest > This exposes TSC to vmm guest and OpenBSD guests should use it as a > preferred > timecounter on >= skylake. This should improve the clock drift situation. > This > breaks vmctl send and receive (for >= skylake), working on that. > ok mlarkin@ (pd@) ~ vmm.c > fix a few DPRINTFs in vmm.c so that compilation with VMM_DEBUG works > ok mlarkin@ (pd@) arch/amd64/include ~ specialreg.h > reorder some MSRs in the MSR list that were out of order. No functional > change; I'll be adding a few new ones and noticed these were misplaced. > (mlarkin@) ~ specialreg.h > Add IA32_MISC_ENABLE MSR and bitfield values, to be used shortly by > vmm(4) (mlarkin@) arch/arm64/arm64 ~ support.S > remove duplicated PAGE macros and drop type suffix > ok kettenis@ (jsg@) ~ machdep.c > fix format strings > ok kettenis@ (jsg@) ~ cpu.c ~ pmap.c ~ trap.c > Fix format strings to make the kernel build on arm64 again after the > recent kprintf changes in clang. > ok deraadt@ kettenis@ (jsg@) arch/arm64/dev ~ agintc.c > Fix format strings to make the kernel build on arm64 again after the > recent kprintf changes in clang. > ok deraadt@ kettenis@ (jsg@) arch/arm64/include ~ param.h ~ vmparam.h > remove duplicated PAGE macros and drop type suffix > ok kettenis@ (jsg@) arch/i386/include ~ specialreg.h > reorder some MSRs in the MSR list that were out of order. No functional > change; I'll be adding a few new ones and noticed these were misplaced. > (mlarkin@) ~ specialreg.h > Add IA32_MISC_ENABLE MSR and bitfield values, to be used shortly by > vmm(4) (mlarkin@) arch/octeon/dev ~ octcit.c > Clear any pending (edge-triggered) interrupts at setup to avoid > spurious interrupts with newly established handlers. (visa@) dev/acpi ~ acpi.c > Add "PNP0303" (8042 PS/2 Controller) to acpi_isa_hids[] > ok kettenis@ (dcoppa@) dev/pci ~ pcireg.h > vmd: allow guest PCI interrupt line reassignment. > I also added a couple config space register names to pcireg.h to try and > reduce the use of magic numbers in vmd/pci.c > ok pd@ (mlarkin@) kern ~ uipc_socket.c ~ uipc_syscalls.c > Move the socket lock "above" sosetopt(), sogetopt() and sosplice(). > Protect the fields modifieds by sosetopt() and simplify the dance > with the stars. > ok bluhm@ (mpi@) netinet6 ~ nd6_rtr.c > We are no longer processing router advertisements in the > kernel. > OK mpi (florian@) ~ nd6.c ~ nd6.h > We are no longer generating privacy addresses in the > kernel. > OK mpi (florian@) ~ nd6.c ~ nd6.h > accept_rtadv doesn't do anything since some time. > OK mpi (florian@) ~ nd6.c ~ nd6.h > Remove knob and always do neighbor unreachable detection. (florian@) nfs ~ krpc_subr.c ~ nfs_socket.c ~ nfs_syscalls.c > Move the socket lock "above" sosetopt(), sogetopt() and sosplice(). > Protect the fields modifieds by sosetopt() and simplify the dance > with the stars. > ok bluhm@ (mpi@) == usr.bin =========================================================== 05/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin bgplg ~ bgplg.h > let the looking glass look at the details for a specific AS > diff from Denis Fondras, thanks! > OK benno@, phessler@ (phessler@) mandoc ~ man.1 > Explain how to transform markup for the terminal when not using a > pager, and how to remove markup. Add related cross references. > While here, as suggested by jmc@, replace the excessive cross > references to the intro pages by a more relevant one to mandoc(1). > Triggered by a question from, using feedback from, and OK jmc@. (schwarze@) tmux ~ cmd-choose-tree.c ~ format.c ~ screen-write.c ~ tmux.1 ~ window-buffer.c ~ window-client.c ~ window-tree.c > Add -F to choose-tree, choose-client, choose-buffer to specify the > format of each line, as well as adding a couple of formats needed for > the default display. (nicm@) ~ options.c ~ window-tree.c > Fix filtering so it works after the change to only show windows if they > have multiple panes. (nicm@) == usr.sbin ========================================================== 06/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin ndp ~ ndp.8 ~ ndp.c > accept_rtadv doesn't do anything since some time. > OK mpi (florian@) ~ ndp.8 ~ ndp.c > Remove knob and always do neighbor unreachable detection. (florian@) ~ ndp.c > the recent adjustment of -i means usage() fits nicely on > two lines now, instead of three; (jmc@) relayd ~ relay.c > Call tls_config_skip_private_key_check() to disable the key checking in > the inspect case (same is done in the regular server mode). > OK bluhm@ and jsing@ (claudio@) ~ ca.c > Use X509_pubkey_digest() like libtls to hash the keys for the TLS privsep > code. This fixes interception mode (since there we rewrite the CERT which > would alter the hash of the cert but the keys still remain the same). > OK bluhm@ and jsing@ (claudio@) smtpd ~ mail.file.c ~ mail.lmtp.c ~ mail.maildir.c > at the exception of mail.local, smtpd never executes an MDA as root. > the check is performed daemon-side before even forking the child process, > but let's also check euid in the mda we ship in case someone executes them > by hand and needs to see an explicit error message. (gilles@) ~ mail/Makefile + mail.mda.8 + mail.mda.c + mail/mail.mda/Makefile > add mail.mda MDA in charge of running a third-party MDA, not linked yet > (gilles@) vmd ~ pci.c > vmd: allow guest PCI interrupt line reassignment. > I also added a couple config space register names to pcireg.h to try and > reduce the use of magic numbers in vmd/pci.c > ok pd@ (mlarkin@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
