OpenBSD src changes summary for 2017-08-28 ==========================================
bin/ksh distrib/notes distrib/sets etc/rc lib/libcrypto lib/libkeynote lib/libssl lib/libtls libexec/ld.so regress/lib regress/usr.sbin sbin/dhclient sbin/iked sbin/newfs_ext2fs share/man sys/arch/alpha/conf sys/arch/amd64/conf sys/arch/arm64/conf sys/arch/armv7/conf sys/arch/hppa/conf sys/arch/i386/conf sys/arch/landisk/conf sys/arch/loongson/conf sys/arch/macppc/conf sys/arch/octeon/conf sys/arch/sgi/conf sys/arch/sparc64/conf sys/dev/fdt sys/dev/microcode sys/dev/pci sys/dev/sdmmc sys/dev/usb usr.bin/ctfconv usr.bin/cvs usr.bin/diff usr.bin/openssl usr.bin/tmux usr.sbin/apmd usr.sbin/httpd usr.sbin/ldapd usr.sbin/relayd usr.sbin/slaacctl usr.sbin/smtpd usr.sbin/switchd usr.sbin/syspatch usr.sbin/ypldap == bin =============================================================== 01/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin ksh ~ history.c > Put history_write() in line with other functions that walk history > One method is enough: only access history lines between 'history' and > 'histptr'. Pointers outside these bounds might be invalid. > ok millert@, "go for it" tb@ (jca@) ~ history.c > Don't bother setting freed history lines to NULL. > Dead code that could send the wrong hint to an unsuspicious reader. The > code should walk use 'history' & 'histptr' to walk the array. > ok millert@, "go for it" tb@ (jca@) == distrib =========================================================== 02/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib notes ~ arm64/hardware > sync list of supported machines with arm64.html (jsg@) sets ~ lists/base/mi > sync (deraadt@) ~ lists/base/mi ~ lists/man/mi > sync (deraadt@) == etc =============================================================== 03/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc rc ~ rc > Display that we are running the upgrade scripts when they exist. On slowish > machines, running sysmerge(8) can take a little while so don't let people > wonder about why the output seems stuck. > ok sthen@ tb@ rpe@ (ajacoutot@) == lib =============================================================== 04/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libcrypto ~ opensslfeatures.h > Define OPENSSL_NO_NEXTPROTONEG since there is no longer any NPN. (jsing@) - rsa/rsa_ssl.c ~ rsa/rsa_pmeth.c ~ rsa/rsa_eay.c ~ rsa/rsa.h ~ man/EVP_PKEY_CTX_ctrl.3 ~ man/RSA_padding_add_PKCS1_type_1.3 ~ man/RSA_public_encrypt.3 ~ Symbols.list ~ Makefile > Remove RSA_padding_add_SSLv23()/RSA_padding_check_SSLv23() and related > code. We removed SSLv2/SSLv3 a long time ago... > Discussed with doug@ (jsing@) ~ asn1/a_time_tm.c > Put the opening curly brace in the right place. (jsing@) ~ man/EVP_AEAD_CTX_init.3 > Remove documentation for EVP_aead_chacha20_poly1305_ietf() - this was > removed/renamed a long time back. (jsing@) ~ Symbols.list ~ evp/e_chacha20poly1305.c ~ evp/evp.h > Remove EVP_aead_chacha20_poly1305_old() now that the original/old > chacha20-poly1305 cipher suites have been removed from libssl. (jsing@) ~ shlib_version > Bump lib{crypto,ssl,tls} majors due to symbol removals. (jsing@) libkeynote ~ keynote-ver.l ~ keynote.l > Add %option noinput to suppress an unused function warning. > Noticed by and OK ottot@ (millert@) libssl ~ s3_lib.c ~ ssl_ciph.c ~ ssl_locl.h ~ tls1.h > Remove the original (pre-IETF) chacha20-poly1305 cipher suites. > Support for the IETF standardised chacha20-poly1305 cipher suites was > added 16 months ago, which means they exist in both of the currently > supported OpenBSD releases. > Also prompted by Andreas Bartelt <obsd at bartula dot de>. > ok beck@ doug@ (jsing@) ~ Symbols.list ~ ssl.h ~ ssl3.h ~ ssl_err.c ~ ssl_lib.c ~ tls1.h ~ man/SSL_CTX_set_alpn_select_cb.3 > Completely remove NPN remnants. > Based on a diff from doug@, similar diff from inoguchi@ (jsing@) ~ shlib_version > Bump lib{crypto,ssl,tls} majors due to symbol removals. (jsing@) ~ s3_lib.c > ECDHE-RSA-DES-CBC3-SHA should not be marked HIGH. > Spotted by Andreas Bartelt <obsd at bartula dot de> (jsing@) libtls ~ tls.c > Fix unchecked return nit > ok bcook@ jsing@ (beck@) ~ shlib_version > Bump lib{crypto,ssl,tls} majors due to symbol removals. (jsing@) == libexec =========================================================== 05/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/libexec ld.so ~ aarch64/syscall.h > fix arm64 build > ok deraadt@ (jsg@) ~ library_subr.c ~ sparc64/rtld_machine.c ~ sh/ldasm.S ~ m88k/ldasm.S > whitespace (deraadt@) ~ amd64/ldasm.S ~ arm/ldasm.S > whitespace (deraadt@) == regress =========================================================== 06/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib ~ libssl/client/clienttest.c > Update due to removal of original chacha20-poly1305 cipher suites. (jsing@) ~ libssl/unit/cipher_list.c > Use current chacha20-poly1305 cipher suite values. (jsing@) ~ libcrypto/aead/aeadtest.c ~ libcrypto/aead/aeadtests.txt > Remove chacha20-poly1305-old regress and test vectors. (jsing@) ~ libcrypto/ocsp/ocsp_test.c > Some style(9). (jsing@) usr.sbin ~ snmpd/snmpd.sh ~ ifstated/ifstated ~ ifstated/statemachine > Update copyright notice contact info. (rob@) == sbin ============================================================== 07/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ dhcpd.h ~ options.c > No need for pretty_print_classless() to use > an internal 8K static buffer whose contents > are simply copied into another 8K buffer in > the caller. > Just pass a pointer to and length of the > outer buffer. (krw@) iked ~ crypto.c > fix char ** to const char ** conversion warning; ok mikeb@ (otto@) newfs_ext2fs ~ mke2fs.c > fix clang warning wrt const string and +; from joerg@netbsd; ok millert@ > (otto@) == share ============================================================= 08/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man - man4/ualea.4 ~ man4/Makefile ~ man4/usb.4 + man4/urng.4 > Add urng(4) which supports various USB RNG devices. Instead of adding one > driver per device, start bundling them into a single driver. > urng(4) supports the device currently supported by ualea(4) and adds > support for > the Altusmetrum ChaosKey 1.0, by abieber@ > This was tested by abieber@ with a ChaosKey and Sean Levy with an Alea II > ok abieber@ deraadt@ naddy@ (jasper@) == sys =============================================================== 09/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/alpha/conf ~ GENERIC > swap ualea for urng (jasper@) arch/amd64/conf ~ GENERIC > swap ualea for urng (jasper@) arch/arm64/conf ~ GENERIC ~ RAMDISK > Add rkpmic(4), a driver for the RK808 Power Management IC. For now, this > driver only provides support for the RTC embedded on this device. Support > for the voltage regulators will come later. With this diff the > Firefly-RK3399 > gains a proper clock (if you connect a battery to the board). (kettenis@) ~ GENERIC > swap ualea for urng (jasper@) arch/armv7/conf ~ GENERIC > swap ualea for urng (jasper@) arch/hppa/conf ~ GENERIC > swap ualea for urng (jasper@) arch/i386/conf ~ GENERIC > swap ualea for urng (jasper@) arch/landisk/conf ~ GENERIC > swap ualea for urng (jasper@) arch/loongson/conf ~ GENERIC > swap ualea for urng (jasper@) arch/macppc/conf ~ GENERIC > swap ualea for urng (jasper@) arch/octeon/conf ~ GENERIC > swap ualea for urng (jasper@) arch/sgi/conf ~ GENERIC-IP27 ~ GENERIC-IP30 ~ GENERIC-IP32 > swap ualea for urng (jasper@) arch/sparc64/conf ~ GENERIC > swap ualea for urng (jasper@) dev/fdt ~ files.fdt + rkpmic.c > Add rkpmic(4), a driver for the RK808 Power Management IC. For now, this > driver only provides support for the RTC embedded on this device. Support > for the voltage regulators will come later. With this diff the > Firefly-RK3399 > gains a proper clock (if you connect a battery to the board). (kettenis@) ~ rkpmic.c > tyop and whitespace nit (jasper@) dev/microcode ~ kue/build.c ~ yds/build.c > Fix clang warnings; ok guenther@ deraadt@ > (guenther says: code could need a rewrite using writev(2) though) (otto@) dev/pci ~ pcidevs > Add PCI device IDs for audio and USB OTG devices found on Atom z8300 SoC. > ok jsg@ kettenis@ (stsp@) ~ pcidevs.h ~ pcidevs_data.h > regen (stsp@) dev/sdmmc ~ sdmmc_io.c > Fix a memory leak in an error path. Coverity CID 1453042. > ok visa@ (jsg@) dev/usb - ualea.c ~ files.usb + urng.c > Add urng(4) which supports various USB RNG devices. Instead of adding one > driver per device, start bundling them into a single driver. > urng(4) supports the device currently supported by ualea(4) and adds > support for > the Altusmetrum ChaosKey 1.0, by abieber@ > This was tested by abieber@ with a ChaosKey and Sean Levy with an Alea II > ok abieber@ deraadt@ naddy@ (jasper@) == usr.bin =========================================================== 10/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin ctfconv ~ ctfstrip.1 > spelling/grammar fixes; (jmc@) cvs ~ rcs.c > Use xasprintf() instead of calloc() + strlcpy() + memcpy() to > generate the log line. Fixes a clang warning about using the wrong > size argument in strlcpy(). The existing code was safe but not > good strlcpy() practice. OK otto@ (millert@) ~ init.c ~ init.h ~ rcs.h ~ rcsnum.c ~ remote.c ~ remote.h ~ server.c ~ util.c ~ util.h > fix const related warnings; ok millert@ (otto@) diff ~ diffdir.c > Fix exit value when diffing directories with missing files and the -N > or -P options are not used. From Ibrahim Khalifa (millert@) openssl ~ rsautl.c ~ openssl.1 > Remove SSLv23 padding mode. (jsing@) tmux ~ cmd-find.c ~ resize.c ~ tmux.h ~ window.c > Do not forbid targets to specify non-visible panes - the checks for > visibility are better where the target is used. GitHub issue 1049. (nicm@) == usr.sbin ========================================================== 11/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin apmd ~ apmd.8 ~ apmd.c > add -z and -Z options to auto suspend or hibernate when low on battery. > from Jesper Wallin (tedu@) httpd ~ parse.y > 65535 is a valid port to listen on. > Off-by-one pointed out by and diff from Kris Katterjohn katterjohn AT > gmail, thanks! > chris@ pointed out that more than httpd(8) is effected. > OK gilles@ (florian@) ldapd ~ parse.y > 65535 is a valid port to listen on. > Off-by-one pointed out by and diff from Kris Katterjohn katterjohn AT > gmail, thanks! > chris@ pointed out that more than httpd(8) is effected. > OK gilles@ (florian@) relayd ~ parse.y > 65535 is a valid port to listen on. > Off-by-one pointed out by and diff from Kris Katterjohn katterjohn AT > gmail, thanks! > chris@ pointed out that more than httpd(8) is effected. > OK gilles@ (florian@) ~ relay.c > Do not close the relay if data is still in the output buffer. > Otherwise data not written could get lost. Also try to drain the > buffers when socket splicing should be enabled. The latter was > lost when the expicit bufferevent_enable() was added in relay_write(). > bug report, analysis, initial fix, testing Rivo Nurges; OK beck@ (bluhm@) slaacctl ~ slaacctl.c > print id first to make this symetrical to address proposals (florian@) smtpd ~ parse.y > 65535 is a valid port to listen on. > Off-by-one pointed out by and diff from Kris Katterjohn katterjohn AT > gmail, thanks! > chris@ pointed out that more than httpd(8) is effected. > OK gilles@ (florian@) switchd ~ parse.y > 65535 is a valid port to listen on. > Off-by-one pointed out by and diff from Kris Katterjohn katterjohn AT > gmail, thanks! > chris@ pointed out that more than httpd(8) is effected. > OK gilles@ (florian@) syspatch ~ syspatch.sh > Inform the user when we are relinking the kernel. (ajacoutot@) ypldap ~ parse.y > 65535 is a valid port to listen on. > Off-by-one pointed out by and diff from Kris Katterjohn katterjohn AT > gmail, thanks! > chris@ pointed out that more than httpd(8) is effected. > OK gilles@ (florian@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
