OpenBSD src changes summary for 2017-10-21 ==========================================
distrib/miniroot sbin/dhclient sys/arch/mips64/conf sys/arch/mips64/include sys/dev/ic sys/dev/usb sys/net80211 usr.bin/ssh == distrib =========================================================== 01/04 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib miniroot ~ install.sub > Change v4_config() and v6_config() > - to support CIDR notation for the answers to the > "IPv4 address for <if>?" and "IPv6 address for <if>?" questions > - to not ask for netmask and prefix lenght if CIDR is used > - to ask the questions again if ifconfig fails with the provided input > Triggered by a report from landry@. > Using ideas from sthen@ > OK deraadt@ tb@ (rpe@) == sbin ============================================================== 02/04 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ clparse.c > Bring parse_client_lease_statement() into the new world by > return 0/1 for success. (krw@) ~ clparse.c > Whitespace. (krw@) ~ clparse.c > Last but not least, bring parse_interface_declaration() > into the 0/1 for success world. (krw@) == sys =============================================================== 03/04 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/mips64/conf ~ files.mips64 > Use MI mplock on mips64. > OK mpi@ (visa@) arch/mips64/include ~ cpu.h ~ mplock.h > Use MI mplock on mips64. > OK mpi@ (visa@) dev/ic ~ bwfm.c > Even though letting the firmware handle the handshake is nice from > a user perspective, it's rather horrible from a security perspective. > Especially since there has not only been the KRACK attack, but also > exploited wireless firmware. Thus this commit changes the way that > bwfm(4) is integrated into our network stack. Instead of making it > an Ethernet controller with some WiFi capability, deeply integrate > it into the net80211 stack. This way we can do the WPA handshake in > software and we don't have to reimplement or copy too much code from > the net80211 stack. Some code taken from NetBSD where Jared McNeill > committed bwfm(4) with net80211 integration as well. > Discussed with and "looks good" stsp@ (patrick@) ~ bwfmreg.h ~ bwfmvar.h > Even though letting the firmware handle the handshake is nice from > a user perspective, it's rather horrible from a security perspective. > Especially since there has not only been the KRACK attack, but also > exploited wireless firmware. Thus this commit changes the way that > bwfm(4) is integrated into our network stack. Instead of making it > an Ethernet controller with some WiFi capability, deeply integrate > it into the net80211 stack. This way we can do the WPA handshake in > software and we don't have to reimplement or copy too much code from > the net80211 stack. Some code taken from NetBSD where Jared McNeill > committed bwfm(4) with net80211 integration as well. > Discussed with and "looks good" stsp@ (patrick@) dev/usb ~ if_bwfm_usb.c > Initialize all fields in the BCDC protocol, otherwise the controller > behaves erratically and drops packets on TX. Found the hard way by > Jared McNeill. While there, also set the priority field. > ok stsp@ (patrick@) net80211 ~ ieee80211_output.c ~ ieee80211_proto.h > Make ieee80211_classify() available in a header so we can make the > priority visible to underlying bus protocols like bwfm(4)'s bcdc. > (patrick@) == usr.bin =========================================================== 04/04 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin ssh ~ misc.c ~ misc.h ~ readconf.c ~ readconf.h ~ scp.1 ~ scp.c ~ sftp.1 ~ sftp.c ~ ssh.1 ~ ssh.c ~ ssh_config.5 > Add URI support to ssh, sftp and scp. For example ssh://user@host > or sftp://user@host/path. The connection parameters described in > draft-ietf-secsh-scp-sftp-ssh-uri-04 are not implemented since the > ssh fingerprint format in the draft uses md5 with no way to specify > the hash function type. OK djm@ (millert@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
