OpenBSD src changes summary for 2016-07-17 to 2016-07-24 inclusive ==================================================================
bin/ksh bin/stty distrib/miniroot distrib/notes distrib/sets etc/netstart lib/libc lib/libevent lib/libssl libexec/ld.so regress/sbin regress/sys regress/usr.sbin sbin/dhclient sbin/iked sbin/newfs sbin/pfctl sbin/sysctl share/man sys/arch/amd64/amd64 sys/arch/arm/arm sys/arch/arm/simplebus sys/arch/armv7/imx sys/arch/armv7/omap sys/arch/armv7/sunxi sys/conf sys/dev sys/dev/pci sys/dev/pv sys/dev/usb sys/kern sys/net sys/net80211 sys/netinet sys/netinet6 sys/sys sys/tmpfs usr.bin/dc usr.bin/doas usr.bin/jot usr.bin/kdump usr.bin/ktrace usr.bin/mail usr.bin/mandoc usr.bin/netstat usr.bin/openssl usr.bin/patch usr.bin/ssh usr.bin/tcpbench usr.sbin/bgpd usr.sbin/eigrpd usr.sbin/ifstated usr.sbin/installboot usr.sbin/iscsid usr.sbin/ldpd usr.sbin/mopd usr.sbin/pkg_add usr.sbin/pstat usr.sbin/rcctl usr.sbin/relayd usr.sbin/ripd usr.sbin/sasyncd usr.sbin/smtpd usr.sbin/switchctl usr.sbin/switchd usr.sbin/tcpdump usr.sbin/vmd == bin =============================================================== 01/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin ksh ~ sh.1 > rework the first sentence of this page; > with help from otto (jmc@) stty ~ stty.c > Before terminal characteristics are displayed, stty(1) activates > pledge(2). Then the values cannot be modified anymore. Let stty > error out if the display and modify mode are combined on the command > line to avoid a pledge violation later on. > OK deraadt@ (bluhm@) == distrib =========================================================== 02/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib miniroot ~ install.sub > Back out the automatic pkg.conf installpath changes; because pkg_add has > an immature heuristic for "what is a release and what is a snapshot". > This change maybe improved the post-release experience, but it damages the > pre-release experience, which may result in less effective pre-release > testing, which risks creating poor releases, which may result in poor > post-release experiences. > Specific case: subtle breakage to fw_update. (deraadt@) notes ~ armv7/prep > Some armv7 machines are shipped with linux images that run USB OTG ports > in client mode and provide serial access to a getty and networking. > Make it clear that a real serial console that can interact with the > firmware is required. > Suggested by and wording tweaks from ian@ (jsg@) sets ~ lists/man/mi > sync (deraadt@) == etc =============================================================== 03/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc netstart ~ netstart > Do not consider tap(4) a special interface and start if before other > pseudo-interfaces. > This unbreak vlan(4) on top of tap(4) since the refactoring to turn it > MP-safe. > ok claudio@, deraadt@ (mpi@) == lib =============================================================== 04/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libc ~ softfloat/fpgetmask.c ~ softfloat/fpgetround.c ~ softfloat/fpgetsticky.c ~ softfloat/fpsetmask.c ~ softfloat/fpsetround.c ~ softfloat/fpsetsticky.c > We have __weak_alias() everywhere; remove obsolete #ifdef's > ok deraadt@ (guenther@) ~ gen/sysctl.3 > Make the size for the syn cache hash array tunable. As we are > swapping between two syn caches for random reseeding anyway, this > feature can be added easily. When the cache is empty, there is an > opportunity to change the hash size. This allows an admin under > SYN flood attack to defend his machine. > Suggested by claudio@; OK jung@ claudio@ jmc@ (bluhm@) libevent ~ event.3 > Talk about event API instead of libevent > Avoids inconsistent capitalization of libevent at start of sentence > suggested by and ok jmc@, ok bluhm@ (stefan@) libssl ~ src/crypto/bn/bn_nist.c > Initialize buffers before use, noted by Kinichiro Inoguchi. > ok beck@ (bcook@) ~ src/crypto/objects/obj_dat.c > remove unused OPENSSL_NO_OBJECT case > ok tedu@ (bcook@) ~ src/crypto/bn/bn_nist.c > use memset to initialize the union (bcook@) ~ src/crypto/bn/bn_nist.c > don't mix code and decls, ok tedu@ (bcook@) == libexec =========================================================== 05/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/libexec ld.so ~ m88k/ldasm.S > Updated advice^Wcode from miod@ for passing &_DYNAMIC to _dl_boot_bind > ok aoyama@ (guenther@) ~ m88k/ldasm.S > Polish: > - copy #define workaround from mips64 to avoid dangling __CERROR symbol > - remove trap DL_SYSCALL2_NOERR() macro with comment explanation > - make DL_SYSCALL2() self-contained > - add END() and ENTRY() macros to make the symbol table shine > ok miod@ (guenther@) == regress =========================================================== 06/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress sbin ~ route/rttest1.ok ~ route/rttest10.ok ~ route/rttest11.ok ~ route/rttest12.ok ~ route/rttest14.ok ~ route/rttest15.ok ~ route/rttest16.ok ~ route/rttest17.ok ~ route/rttest18.ok ~ route/rttest19.ok ~ route/rttest2.ok ~ route/rttest21.ok ~ route/rttest3.ok ~ route/rttest4.ok ~ route/rttest5.ok ~ route/rttest6.ok ~ route/rttest7.ok ~ route/rttest8.ok ~ route/rttest9.ok > Update counters & unbreak now that rtrequest(RTM_ADD, ...) caches the > gateway. (mpi@) sys ~ netinet/arp/Makefile ~ netinet/pmtu/Makefile > Remote regression tests should not run ssh with -t all the time. > This will make it easier to automate them. (bluhm@) ~ net/rtable/srp_compat.h ~ net/rtable/delete/main.c > Adapt test to the srp_swap() area. (mpi@) usr.sbin + switchd/Makefile + switchd/OFP.pm + switchd/args-packet-jumbo.pm + switchd/run.pl > Add simple OpenFlow tests for switchd. (reyk@) + switchd/args-http.pcap + switchd/args-http.pm + switchd/args-icmp.pcap + switchd/args-icmp.pm > Add two more tests that use traffic that was captured with tcpdump. > These files serve as an example, no more .pcap files should be added here > (especially not large ones). (reyk@) ~ relayd/README > s/sudo/doas/ (benno@) ~ switchd/Makefile > Fix generated Perl headers. > With input from bluhm@ (reyk@) + relayd/args-http-filter-null-host.pl > add a regression test (benno@) == sbin ============================================================== 07/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ bpf.c ~ dhclient.c > Narrow the BPF read filter rules so only packets sent to the > interface's LLADDR pass. Rely on dhclient's existing ability to > detect and react to LLADDR changes. > This limits the number of packets that get dropped as a result of > dhclient setting BIOCSFILDROP on the bpf descriptor. > Problem with bridges and multiple dhclients noted by stsp@. > ok mpi@ stsp@ deraadt@ henning@ (krw@) ~ dhclient.c > As a general rule, fchown before fchmod is a safer order (because many > systems throw away bits upon chown). Not in this case, but code gets > copied.. > ok krw (deraadt@) ~ dhclient.c ~ privsep.h > Shrink priv_write_file() API so that it does less, and the callers ask > it to do less. Discussion with guenther. > ok krw (deraadt@) ~ dhclient.c ~ dispatch.c ~ kroute.c > Use explicit idiom when testing the result of strcmp() and strncmp(). > i.e. == 0 and != 0 as appropriate. No intentional functional change. > Suggested by & ok tom@ (krw@) ~ dhclient.c > Actually DECLINE and delete unused offers. Don't just say so in a comment. > In situations where >1 offer is received this will eliminate unbounded > memory > growth and make us a more polite netizen. In some corner cases it might > prevent reuse of inappropriate older offers. > ok millert@ (krw@) ~ bpf.c ~ dhclient.c > Back out the dhclient BPF change. There are DHCP servers out there which > send frames to the ethernet broadcast address, so this will need some more > thought and it's too late for 6.0. > Problem reported by Holger Mikolon. > ok mpi@ (stsp@) iked ~ parse.y > When parsing the configuration. initialize the auth structure > correctly, as parse.y's $$ is not zero-initialized. > Found by Rene Ammerlaan > OK markus@ florian@ (reyk@) newfs ~ newfs.c > At n2k16 David Vasek pointed out that FFS partitions on 4K disks are > created with far fewer inodes than DEV_BSIZE devices. > Scale the default 'density' value by (sector size)/DEV_BSIZE to > create the same number of inodes. Obviously a NO-OP on DEV_BSIZE > devices. > Thanks David! > ok deraadt@ (krw@) pfctl ~ parse.y > g/c unused (global!) var: oqueues isn't used any more. ALTQ leftover; not > noticed since struct node_queue stayed. ok claudio benno gcc (henning@) ~ pfctl_parser.h > no more cbq_opts - CBQ is gone, ok mpi phessler benno (henning@) sysctl ~ sysctl.8 > Make the size for the syn cache hash array tunable. As we are > swapping between two syn caches for random reseeding anyway, this > feature can be added easily. When the cache is empty, there is an > opportunity to change the hash size. This allows an admin under > SYN flood attack to defend his machine. > Suggested by claudio@; OK jung@ claudio@ jmc@ (bluhm@) == share ============================================================= 08/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man9/mbuf.9 > Use a flag to indicate that a packet has been received on an IPv6 > anycast address. > This will allow us to split ip6_input() in two parts using a queue > in the middle. > ok jca@, florian@, bluhm@ (mpi@) ~ man8/release.8 > hint at the default for XSRCDIR; from tim kuijsten > allows us to zap some verbiage from the beginning... > ok deraadt (jmc@) ~ man4/Makefile > add chvgpio.4 overlooked when the file was added > ok deraadt@ (jsg@) == sys =============================================================== 09/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/amd64 ~ vmm.c > Ensure some undesirable entry controls are cleared, instead of relying > on the default settings. > Noticed when booting a NetBSD guest VM. (mlarkin@) ~ vmm.c > Dump vcpu state on unknown exit type, and add a diagnostic message > (including vcpu state dump) on failure to enter due to an incorrect > guest state. > Added as a debug facility when diagnosing interruptibility state > problems seen while testing NetBSD guest VMs. (mlarkin@) ~ vmm.c > Fix a few CPUID emulation issues: > Don't advertise a hyperthreaded CPU. This doesn't make a lot of sense now > as we only provide UP guest support. This, combined with the other CPUID > issues fixed, fooled NetBSD's topology enumeration code into thinking we > had an unsupportable core/thread/package configuration. > Also fixed the unsupported CPUID functions by returning 0 in the return > registers instead of leaving whatever trash happened to be there before > the call was made. (mlarkin@) arch/arm/arm ~ pmap7.c > Don't need a separate flags variable in armv7 pmap_clean_page() - > just use the pv_flags. ('Twas a copy-paste from arm's pmap_clean_page(), > which did need it.) > Also remove even less used flags variable from pmap_page_remove(). > First part from a diff from aalm@ - thanks > ok kettenis@ "looks good" patrick@ (tom@) ~ pmap7.c > Remove what appears to be a copy-paste error setting cur_ttb > in pmap_free_l1(). > from aalm@ - thanks > ok patrick@ (tom@) arch/arm/simplebus ~ simplebus.c > Some SoCs have a ranges property set in their device trees. This can > be used to translate one memory address to another. Currently we just > pass the child's memory address to bus space map. If one of the parent > busses implements a ranges property, the child's address property is > not the real address. This change hooks up a bus space map function > that is aware of the ranges property and translates the addresses if > needed. > ok kettenis@ > looks fine jsg@ (patrick@) arch/armv7/imx ~ if_fec.c > set and clear the 10baseT bit in statchg > ok patrick@ (jsg@) ~ if_fec.c > Fallback to the known fec irq number on imx.6 if the fdt > interrupts-extended property is missing or not the size we expect. > Some dtbs implement a workaround for "ERR006687 ENET: Only the ENET > wake-up interrupt request can wake the system from Wait mode" suggested > by the IMX6DQCE errata document to set an undocumented gpio mux mode and > handle the interrupt via gpio. > We don't support gpio interrupts yet, hopefully this change is enough > to make interrupts work on wandboard and sabre lite again till we do. > Discussed with kettenis and patrick, tested on sabre lite by patrick. > (jsg@) ~ imx.c > Attach imx(4) on i.mx6 quad plus which appears to be largely compatible > with i.mx6 quad but with more memory bandwidth and some graphics tweaks. > ok kettenis@ (jsg@) ~ if_fec.c > The linux kernel treated the "phy-reset-gpio" as active-low regardless of > what > the device tree says. As a result many device trees encode it as > active-high > when active-low is needed. For now just override the device tree. > ok jsg@, patrick@ (kettenis@) ~ imxuart.c > Previously the uarts attached in order, so that the first attached uart > is always the serial console. With device tree enumeration, this order > is not given anymore. The serial console might now attach with a > different minor and has to be updated, otherwise there will be no > further output on the serial. Thus, re-create the i.MX6 console with > the correct minor number on attach. > ok jsg@, kettenis@ (patrick@) arch/armv7/omap ~ prcm.c > Set function pointers based on the fdt root node instead of board ids. > ok kettenis@ (jsg@) ~ omgpio.c > Set function pointers based on the fdt root node instead of board ids. > ok kettenis@ on an earlier version (jsg@) ~ intc.c > use the fdt root node instead of board ids to test for am335x (jsg@) ~ if_cpsw.c ~ omap_com.c ~ ommmc.c ~ sitara_cm.c ~ sitara_cm.h ~ sitara_cmreg.h ~ ti_iic.c > Adapt kettenis' pinctrl changes in imx to sitaracm and > pinctrl-single,pins to handle mux settings and pad configuration. > The fdt data has offsets from the start of the pinmux address range so > the am335x specific pinmux offset from the scm base is added to the > offsets. This as not a new driver as sitaracm does manual table > driven pad configuration for gpio. If all the offsets in the > ti_padconf_devmap table were reduced by the am335x pinmux offset (0x800) > it may make sense to map only the pinmux memory region and not the > scm superset. > looks good kettenis@ (jsg@) ~ prcm.c ~ prcmvar.h > Add additional i2c and mmc prcm module enum values for devices that > didn't attach previously on OMAP4 with the static device configuration > and now do with the fdt. Like most of the other OMAP4 prcm cases > these don't do anything, hopefully we'll properly configure clocks with > data from the fdt at some point in the future. > Tested by abieber@ on PandaBoard-ES. (jsg@) arch/armv7/sunxi ~ sunxi.c > Attach sunxi(4) based on the compatible property of the root node of the > device tree like we do on omap. Add preliminary support for the sun5i > variant which corresponds to the A13 and A10s SoCs. > ok patrick@ (kettenis@) ~ sxitimer.c > Apparently we need to explicitly stop the timers before reloading them. At > least this is what Linux does and it fixes a hang on the Olimex A10s > boards. > While there, also preserve the clock selection when reloading the timer. > ok patrick@, jsg@, tom@ (kettenis@) conf ~ GENERIC > do the pool debug release dance. ok deraadt (tedu@) dev ~ softraid.c > Plug potential leak of device list. > Problem found by Michael McConville. > Tested & ok stsp@ (krw@) dev/pci ~ if_iwm.c > Make iwm(4) retry Tx of management frames less often. We now retry > management > frames the same number of times as Linux iwlwifi does. (stsp@) ~ if_iwm.c > Fix inverted logic in iwm_tx(). The PROT_REQUIRE flag in should be set for > data frames above a certain length, but we were setting it for !data frames > above a certain length, which makes no sense at all. Found while comparing > our driver's Tx code to iwlwifi. > ok mpi@ (stsp@) ~ if_iwm.c > Explicitly set iwm(4) firmware Tx aggregation limit to one (which disables > Tx aggregation), instead of the maximum (63 frames). Tx aggregation should > already be disabled, so this change should be a no-op. It just avoids any > side effects in case the firmware happens to interpret the limit we set > here. > ok mpi@ (stsp@) ~ virtio_pci.c > virtio_pci: Always allow MSI/MSI-X > For virtio devices, ignore the black/white-listing depending on the PCI > bridge. This enables MSI-X with qemu's old "82441FX" pci-bridge. > Suggested by kettenis@ (sf@) ~ ehci_pci.c > ATI controllers seem to need the same workaround as VIA controllers. > This should hopefully help people reporting errors with SB700. > From FreeBSD, ok kettenis@, krw@ (mpi@) ~ if_iwn.c > Bring iwn_update_htprot() back, so iwn(4) will properly keep track > of HT protection changes while associated. > HT protection affects behaviour on Tx but is configured along with Rx > settings > (because Intel likes it that way). And our previous iwn_update_htprot() > implementation had a bug where it would accidentally clear bits which > enable > CCK rates for Rx. The Intel Wireless-N 2200 chip accordingly stopped > receiving > some frames (most notably broadcast frames) and the link broke down. > Also, restore the power-saving level after updating the Rx config (like > Linux does), and add some DELAYs for good measure to ensure the firmware > has time to process asynchronous commands we send. > tested by myself and mlarkin@ > ok mlarkin@ (stsp@) ~ if_iwn.c > Make the iwn(4) LED flash 10 times slower in monitor mode. > Makes running monitor mode over extended periods of time much less > annoying. > ok benno@ (stsp@) ~ if_iwm.c ~ if_iwmreg.h > Disable the beacon filter in iwm(4). This allows beacons to pass through to > the stack while associated, which in turn makes it possible to keep track > of > HT protection changes. > ok mpi@ (stsp@) ~ if_rtwn.c > Make rtwn(4) and urtwn(4) respect the RTS threshold set by net80211. > ok mpi@ (stsp@) dev/pv ~ hyperv.c ~ if_hvn.c > Remove a few debugging leftovers (mikeb@) dev/usb ~ ehci.c > ATI controllers seem to need the same workaround as VIA controllers. > This should hopefully help people reporting errors with SB700. > From FreeBSD, ok kettenis@, krw@ (mpi@) ~ if_ral.c > Unbreak ural(4), which had been dropping frames on Tx while > the IFF_RUNNING flag was set since last November (r1.138). > Apparently nobody is using this driver, except for martijn@. > Fix tested by martijn@ and myself. > ok dlg@ (stsp@) ~ if_urtwn.c > Make rtwn(4) and urtwn(4) respect the RTS threshold set by net80211. > ok mpi@ (stsp@) kern ~ uipc_usrreq.c > instead of messing about with pointer arithmetic, add an empty array > to the end of the defer structure. solves sizing and alignment concerns. > (tedu@) ~ uipc_socket.c TAGGED OPENBSD_5_8 > I forgot to commit the 5.8 version of the splice fix. > Reminded by Florian Riehm > backport splice loop fix: > On localhost a user program may create a socket splicing loop. > After writing data into this loop, it was spinning forever causing > a kernel hang. Detect the loop by counting how often the same mbuf > is spliced. If that happens 128 times, assume that there is a loop > and abort the splicing with ELOOP. > Bug found by tedu@; OK tedu@ millert@ benno@ (tedu@) ~ vfs_subr.c TAGGED OPENBSD_5_8 > Prevent NULL-pointer call for filesystems that don't provide vfs_sysctl > in their vfsops. > Issue reported by Tim Newsham. > ok claudio@, natano@ (kettenis@) net ~ pf.c ~ pfvar.h > Hide pf internals by moving code from in_ouraddr() to pf_ouraddr(). > OK mpi@ sashan@ (bluhm@) ~ pfvar.h > no more cbq_opts - CBQ is gone, ok mpi phessler benno (henning@) ~ route.c > Return EAGAIN for every deleted route when detaching an interface. > Previously the code was "too clever" and returned EAGAIN only for > cloning route assuming that other deletion did not modify the tree. > Analysed by and ok dlg@ (mpi@) ~ art.c ~ rtable.c > Revert use of the _SAFE version of SRPL_FOREACH() now that the offending > function has been fixed. > Functions passed to rtable_walk() must return EAGAIN if they delete an > entry from the tree, no matter if it is a leaf or not. (mpi@) ~ pf_lb.c > remove wrong and misleading comment, ok phessler (henning@) ~ pfvar.h > don't hide globals between function prototypes; ok phessler benno > (henning@) ~ pf_osfp.c ~ pf_ruleset.c > style: no spaces after # for define/include, ok phessler benno (henning@) ~ route.c > Check for errors when deleting routes inside rtable_walk() and abort > the walk if a route cannot be deleted. > Prevent an infinite recursion reported by Dimitris Papastamos. > ok claudio@ (mpi@) net80211 ~ ieee80211_proto.c > In net80211, enable RTS for frames above a particular size (currently 512 > bytes). This is what other OS have been doing for years. In our stack this > feature was present but disabled at compile-time by an #ifdef. > This is a low risk change because drivers were already required to use RTS > whenever the AP set the USE_PROTECTION flag in ERP elements of its beacons. > This change allows for reasonable throughput on loaded 11g networks > whereas before they were practically unusable. > tests and ok phessler@ (stsp@) netinet ~ ip_input.c > Hide pf internals by moving code from in_ouraddr() to pf_ouraddr(). > OK mpi@ sashan@ (bluhm@) ~ in_pcb.c > NULLify a route pointer after calling rtfree(9). > This should theoretically be a no-op because we're freeing the PCB > right after, but it helps us debug a reference count problem found > by otto@. > ok mikeb@ (mpi@) ~ ip_carp.c > Fix the check supposed to prevent 'ip' and 'ip-stealth' balancing modes > from leaking the multicast address. > beck@ found the hard way that this made his second CARP master use a > wrong MAC address. > This is part of a bigger diff from Florian Riehm who is currently > working on a proper solution to fix balancing modes. > ok beck@, bluhm@ (mpi@) ~ tcp_output.c > Plug an mbuf leak in the error path of tcp signature in tcp_output(). > OK claudio@ henning@ (bluhm@) ~ tcp_input.c ~ tcp_usrreq.c ~ tcp_var.h > Make the size for the syn cache hash array tunable. As we are > swapping between two syn caches for random reseeding anyway, this > feature can be added easily. When the cache is empty, there is an > opportunity to change the hash size. This allows an admin under > SYN flood attack to defend his machine. > Suggested by claudio@; OK jung@ claudio@ jmc@ (bluhm@) ~ in_pcb.c ~ in_pcb.h ~ udp_usrreq.c > Split in6_selectsrc() into a low-level part and a pcb-level part, and > convert in_selectsrc() prototype to match. > Ok bluhm@ mpi@. (vgross@) ~ tcp_usrreq.c ~ tcp_var.h > To tune the TCP SYN cache we need more information. Print the > relevant counters with netstat -s -p tcp. > OK henning@ (bluhm@) ~ tcp_output.c TAGGED OPENBSD_5_8 > I forgot to commit the 5.8 version of the splice fix. > Reminded by Florian Riehm > backport splice loop fix: > On localhost a user program may create a socket splicing loop. > After writing data into this loop, it was spinning forever causing > a kernel hang. Detect the loop by counting how often the same mbuf > is spliced. If that happens 128 times, assume that there is a loop > and abort the splicing with ELOOP. > Bug found by tedu@; OK tedu@ millert@ benno@ (tedu@) ~ ip_input.c TAGGED OPENBSD_5_8 > Fix a double rtfree(9) triggered when IPSEC inserts a more specific > route because of PMTU. > otto@ reported the issue and helped me tracking it down during more > than one month, he is the man! > mikeb@ figured out the bug was in the forwarding path. > ok mikeb@, deraadt@, claudio@ (mpi@) ~ in_pcb.c ~ in_pcb.h ~ udp_usrreq.c TAGGED OPENBSD_5_8 > Revert in_selectsrc() refactoring, it breaks IPv6. > Reported by Heiko on bugs@. > ok stsp@, claudio@ (mpi@) netinet6 ~ ip6_input.c > Kill the rtableid variable in ip6_input(). It does not make sense > to store a field in an extra variable that is only accessed twice. > OK mpi@ (bluhm@) ~ ip6_input.c > Use a flag to indicate that a packet has been received on an IPv6 > anycast address. > This will allow us to split ip6_input() in two parts using a queue > in the middle. > ok jca@, florian@, bluhm@ (mpi@) ~ ip6_input.c > In ip6_input() use a shortcut to detect our own address if the pf > state key is linked to a socket inp. > OK mpi@ henning@ (bluhm@) ~ ip6_input.c > protect a pf specific function with the correct #if. Fixes ramdisk > building. > (we got lucky before, because the variable that used to be checked was > always available) > OK bluhm@ (phessler@) ~ icmp6.c ~ in6_pcb.c ~ in6_src.c ~ ip6_var.h ~ nd6_nbr.c ~ raw_ip6.c ~ udp6_output.c > Split in6_selectsrc() into a low-level part and a pcb-level part, and > convert in_selectsrc() prototype to match. > Ok bluhm@ mpi@. (vgross@) ~ icmp6.c ~ in6_pcb.c ~ in6_src.c ~ ip6_var.h ~ nd6_nbr.c ~ raw_ip6.c ~ udp6_output.c > Revert in_selectsrc() refactoring, it breaks IPv6. > Reported by Heiko on bugs@. > ok stsp@, claudio@ (mpi@) sys ~ mbuf.h > Use a flag to indicate that a packet has been received on an IPv6 > anycast address. > This will allow us to split ip6_input() in two parts using a queue > in the middle. > ok jca@, florian@, bluhm@ (mpi@) ~ malloc.h > Make the size for the syn cache hash array tunable. As we are > swapping between two syn caches for random reseeding anyway, this > feature can be added easily. When the cache is empty, there is an > opportunity to change the hash size. This allows an admin under > SYN flood attack to defend his machine. > Suggested by claudio@; OK jung@ claudio@ jmc@ (bluhm@) ~ mbuf.h TAGGED OPENBSD_5_8 > I forgot to commit the 5.8 version of the splice fix. > Reminded by Florian Riehm > backport splice loop fix: > On localhost a user program may create a socket splicing loop. > After writing data into this loop, it was spinning forever causing > a kernel hang. Detect the loop by counting how often the same mbuf > is spliced. If that happens 128 times, assume that there is a loop > and abort the splicing with ELOOP. > Bug found by tedu@; OK tedu@ millert@ benno@ (tedu@) tmpfs ~ tmpfs_vfsops.c > Set the vfs_systcl member of the vsfops struct to eopnotsupp. While we > check > for a null pointer now, all other filesystems fill in the complete table. > ok deraadt@, tom@ (kettenis@) == usr.bin =========================================================== 10/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin dc ~ dc.c > getopt(3) can be called twice (once for bc and once for dc), so reinit > getopt > ok deraadt@ (otto@) doas ~ doas.c > The string with path to shell could be taken directly from struct passwd. > At some point later the data it points to is overridden by getpwuid() call, > resulting in garbage. The problem could be easily demonstreated by double > doas call: > $ doas doas -su _sndio > doas: mpty: command not found > The fix is easy: just strdup() the pw_shell field value. > okay tedu@, tweaks from & okay natano@ (zhuk@) jot ~ jot.1 ~ jot.c > 1. Update manpage in view of the change of behavior I introduced in -r1.27. > The bounds are taken inclusive and -w %d doesn't change the output of > integer random sequences anymore. This is the same behavior as that > of Linux and NetBSD, but differs from FreeBSD and OS X. > Issue reported by Philippe Meunier on misc@. > 2 Fix a bug from the same commit observed by Otto: if the precision is 0, > values may be printed out of bounds. Fall back to the old behavior if at > least one bound isn't an integer. > General agreement expressed by otto@, tedu@, jmc@, sobrado@ > Help with checking other operating systems by sobrado@. > Manpage ok jmc@. > Bugfix discussed with otto@ on icb (tb@) ~ jot.1 > Remove now obsolete parenthetical explanation (should have been part of > previous commit). (tb@) kdump ~ kdump.1 ~ kdump.c > Add 'p' trace point for KTRFAC_PLEDGE, as noted by > Michal Mazurek <[email protected]> > While here, fix handling of -t+ in ltrace. (guenther@) ktrace ~ extern.h ~ ktrace.1 ~ ktrace.c ~ ltrace.1 ~ subr.c > Add 'p' trace point for KTRFAC_PLEDGE, as noted by > Michal Mazurek <[email protected]> > While here, fix handling of -t+ in ltrace. (guenther@) mail ~ quit.c ~ v7.local.c > Cleanup close(open idioms. > ok krw (deraadt@) mandoc ~ html.h ~ libmandoc.h ~ mandoc_aux.h ~ mandocdb.c ~ term_ps.c > Use __attribute__((__format__ throughout. > Triggered by a smaller patch from Christos Zoulas. (schwarze@) ~ read.c > Since the mdoc/man parser unification, the parser is always allocated > in mparse_alloc(), so delete all the curp->man == NULL checks. > Triggered by a patch from Christos Zoulas suggesting to add > yet another such check. (schwarze@) ~ tag.c > tag_signal() is dead; from LLVM via Christos Zoulas (schwarze@) netstat ~ inet.c ~ main.c ~ netstat.h > To tune the TCP SYN cache we need more information. Print the > relevant counters with netstat -s -p tcp. > OK henning@ (bluhm@) openssl ~ openssl.1 > strip back asn1parse; ok beck jsing > description of -out altered on jsing's advice (jmc@) ~ openssl.1 > strip back openssl ca: in particular remove some excessively wordy > sections, > move some other sections into more relevant places, and remove the example > ca file; (jmc@) ~ openssl.1 > strip back openssl ciphers: > - rearrange the descriptions of -V and -v to read more logically > - move the cipherlist text into the cipherlist description > - zap examples (jmc@) ~ openssl.1 > strip back openssl crl somewhat: remove the examples > and move any relevant text into the main body; (jmc@) ~ openssl.1 > rename NOTES to COMMON SYNTAX (explains itself better); rework the > passphrase section a little; move the DER|PEM stuff in there to help > avoid text repetition, and prefer the lowercase (less keys to press); > adjust ENVIRONMENT to format a little more nicely; (jmc@) ~ openssl.1 > rework DESCRIPTION a little: no-command seems clearer than no-XXX; (jmc@) ~ openssl.1 > rework crl2pkcs7; with help from jsing (jmc@) patch ~ inp.c > Cleanup close(open idioms. > ok krw (deraadt@) ssh ~ ssh.c ~ sshconnect2.c > support UTF-8 characters in ssh(1) banners using schwarze@'s > safe fmprintf printer; bz#2058 > feedback schwarze@ ok dtucker@ (djm@) ~ packet.c > Add some unsigned overflow checks for extra_pad. None of these > are reachable with the amount of padding that we use internally. > bz#2566, pointed out by Torben Hansen. ok markus@ (djm@) ~ packet.c > Reduce timing attack against obsolete CBC modes by always computing > the MAC over a fixed size of data. > Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and > Martin Albrecht. ok djm@ (markus@) ~ channels.c ~ sshd_config.5 > Allow wildcard for PermitOpen hosts as well as ports. bz#2582, patch from > openssh at mzpqnxow.com and jjelen at redhat.com. ok markus@ (dtucker@) ~ sshd_config.5 > tweak previous; (jmc@) ~ readconf.c > Do not clobber the global jump_host variables when parsing an inactive > configuration. ok djm@ (naddy@) ~ auth-passwd.c > Skip passwords longer than 1k in length so clients can't easily DoS sshd > by sending very long passwords, causing it to spend CPU hashing them. > feedback djm@, ok markus@. > Brought to our attention by tomas.kuthan at oracle.com, shilei-c at > 360.cn and coredump at autistici.org (dtucker@) ~ readconf.c ~ ssh_config.5 > reverse the order in which -J/JumpHost proxies are visited to be > more intuitive and document > reported by and manpage bits naddy@ (djm@) ~ monitor.c > move debug("%p", key) to before key is free'd; probable undefined > behaviour on strict compilers; reported by Jakub Jelen bz#2581 (djm@) ~ sftp.c > constify a few functions' arguments; patch from Jakub Jelen bz#2581 (djm@) ~ sshconnect2.c > Lower loglevel for "Authenticated with partial success" message similar to > other similar level. bz#2599, patch from cgallek at gmail.com, ok markus@ > (dtucker@) ~ ssh_config.5 > improve wording; suggested by jmc@ (djm@) ~ clientloop.c > fix pledge violation with ssh -f; reported by Valentin Kozamernik > ok dtucker@ (djm@) ~ version.h > openssh-7.3 (djm@) tcpbench ~ tcpbench.1 ~ tcpbench.c > Add AF_UNIX support to tcpbench and also make it possible to randomize the > write size in the client. pledge setup can be made tighter but that will be > done in a second step. > OK benno@, henning@, markus@ and some man page input by jmc@ (claudio@) ~ tcpbench.1 > zap trailing whitespace; (jmc@) == usr.sbin ========================================================== 11/11 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin bgpd ~ session.c ~ rde.c > Remove a fatal() in peer_up when the local addrs of a peer can't be figured > out. > Instead bring the session down and wait for admin help. > OK henning@, benno@, phessler@ (claudio@) eigrpd ~ log.h ~ tlv.c > add format attributes to log functions and fix two errors > ok renato@ (benno@) ifstated ~ ifstated.h > add format attributes to log functions > ok stsp@ claudio@ florian@ (benno@) ~ ifstated.h > remove bogus attributes from ifstated, spooted by guenther@ (benno@) installboot ~ Makefile > Use more compact idiom to select architecture dependent files to compile. > No > intentional functional change. > Diff from Miod. > ok millert@ deraadt@ (krw@) iscsid ~ log.h > add format attributes to log functions > ok claudio@ (benno@) ldpd ~ lde.c ~ log.h > add format attributes to log functions and fix am error when using > log_warnx() > ok renato@ claudio@ (benno@) mopd ~ mopchk/Makefile ~ mopd/Makefile ~ mopprobe/Makefile ~ moptrace/Makefile > Linking against libkvm is unnecessary here > ok mlarkin@ (guenther@) pkg_add ~ OpenBSD/FwUpdate.pm > no quirks in FwUpdate. > okay theo (espie@) pstat ~ pstat.c > Fix VFLAG formatting > ok bluhm@ (guenther@) rcctl ~ rcctl.sh > In rcctl ls, skip all files with a '.' in the name, not just rc.subr; > pkg_add renames files in this way when the checksums don't match at update > or removal time. [[ ]] suggestion from guenther@ to avoid the messy "case" > that I had in my first diff. Other feedback/suggestions from halex aja > millert, ok halex@ aja@. (sthen@) relayd ~ relay_http.c ~ relayd.h > fix some cases where we relay_abort_http() the connection too soon. > instead, pass a more specific error back and handle the errors in > relay_test() instead. > reported by Arto Jonsson and Hiltjo Posthuma, thanks! > ok bluhm@ reyk@ (benno@) ~ relay_http.c ~ relayd.h TAGGED OPENBSD_5_8 > reliability fix: When signaling an error to an HTTP relay client, the > connection can be terminated prematurely, leading to a crash. (benno@) ~ relay_http.c ~ relayd.h TAGGED OPENBSD_5_9 > reliability fix: When signaling an error to an HTTP relay client, the > connection can be terminated prematurely, leading to a crash. (benno@) ripd ~ log.h ~ neighbor.c > add format attributes to log functions > ok florian@ claudio@ (benno@) ~ log.h > remove bogus attributes on fatal* spotted by guenther@ (benno@) sasyncd ~ net_ctl.c ~ pfkey.c ~ sasyncd.h > add format attributes to log functions and fix some errors > ok claudio@ florian@ (benno@) smtpd ~ smtp_session.c > Create a smtp transaction context on a session only for the duration of > that transaction. > ok gilles@ (eric@) ~ smtpd.h > bump version > ok deraadt@ (gilles@) switchctl + Makefile + parser.c + parser.h + switchctl.8 + switchctl.c > Import switchd(8), a basic WIP OpenFlow implementation for OpenBSD. > switchd consists of two parts: > 1. switchd(8) and switchctl(8), an OpenFlow controller or "vswitch". > 2. switch(4), an OpenFlow-aware kernel "bridge". > This the 1st part, the driver will be imported later. The code will > remain disabled for a while, but it helps development to have it in > the tree. switchd currently supports partial OpenFlow 1.0, but the > goal is to use OpenFlow 1.3.5 instead (switch(4) already does 1.3.5). > For more background information see: > http://www.openbsd.org/papers/bsdcan2016-switchd.pdf > https://youtu.be/Cuo0qT-lqig > With help from yasuoka@ goda@ > Import discussed with deraadt@ (reyk@) ~ parser.c > Remove unused variable (reyk@) ~ Makefile > The -DNAME=switch flag is an artifact from the PoC when I couldn't > decide on a name. Remove it and fix the name to switchd now. (reyk@) ~ switchctl.c > pledge switchctl (reyk@) switchd + Makefile + control.c + genmap.sh + imsg_util.c + log.c + ofcconn.c + ofp.c + ofp.h + ofp10.c + ofp10.h + ofp13.c + ofp_map.h + packet.c + parse.y + proc.c + proc.h + switch.c + switchd.8 + switchd.c + switchd.conf.5 + switchd.h + timer.c + types.h + util.c > Import switchd(8), a basic WIP OpenFlow implementation for OpenBSD. > switchd consists of two parts: > 1. switchd(8) and switchctl(8), an OpenFlow controller or "vswitch". > 2. switch(4), an OpenFlow-aware kernel "bridge". > This the 1st part, the driver will be imported later. The code will > remain disabled for a while, but it helps development to have it in > the tree. switchd currently supports partial OpenFlow 1.0, but the > goal is to use OpenFlow 1.3.5 instead (switch(4) already does 1.3.5). > For more background information see: > http://www.openbsd.org/papers/bsdcan2016-switchd.pdf > https://youtu.be/Cuo0qT-lqig > With help from yasuoka@ goda@ > Import discussed with deraadt@ (reyk@) ~ switchd.conf.5 > Comment out device/switch(4) for now (reyk@) ~ ofcconn.c ~ switchd.c > Don't use .p_shutdown in the proc struct (reyk@) ~ switchd.c > L2 tun is tap now (reyk@) ~ ofcconn.c > A bit of cleanup and style changes. ofcconn needs more work. (reyk@) ~ ofcconn.c ~ ofp.c ~ ofp10.c > Correctly use ssize_t instead of size_t for read/write return values. > Pointed out by David Hill and clang. (reyk@) ~ Makefile ~ types.h > The -DNAME=switch flag is an artifact from the PoC when I couldn't > decide on a name. Remove it and fix the name to switchd now. (reyk@) ~ switchd.conf.5 > Fix typo > from Atzm Watanabe (yasuoka@) ~ switchd.c ~ switchd.h > Add a -n flag to check the configuration and exit. Matches what almost > all the other daemons do. > ok reyk@ (jsg@) ~ Makefile > Fix dependencies of generated map files. (reyk@) ~ ofp.c ~ ofp10.c ~ ofp13.c ~ ofp_map.h ~ switchd.h > Update OpenFlow 1.3 stub based on the 1.0 code. (reyk@) ~ genmap.sh ~ ofp.h ~ ofp13.c ~ ofp_map.h > Parse and print OpenFlow 1.3 PACKET_IN and OXM (Openflow eXtended Match) - > no action yet. (reyk@) ~ packet.c ~ switch.c ~ switchd.h > Handle ports as uint32_t instead of in_port_t: OpenFlow 1.0 used 16bit > ports, but later versions switched to 32bit ports (for the case that a > virtual switch has more than 65535 switch ports, of course). (reyk@) ~ control.c ~ ofcconn.c ~ ofp.c ~ switchd.c ~ switchd.h > pledge(2) all the switchd processes. (reyk@) ~ ofcconn.c ~ ofp.c > fix typos in comments (reyk@) ~ ofp.c ~ ofp10.c ~ ofp13.c ~ switchd.h > Turn ofp*_debug functions into ofp*_validate functions to follow a > similar approach like iked: first validate the packet, then parse it, > and execute actions. debug logging is a side effect of validation. (reyk@) ~ ofp10.c ~ switchd.h ~ packet.c > With uint32_t ports, we cannot sneak the port into an int anymore (reyk@) ~ ofp10.c > long to uint32_t port (reyk@) ~ ofp13.c > Add basic support for OpenFlow 1.3 PACKET_IN+PACKET_OUT, > no FLOW_MOD yet. (reyk@) ~ switchd.c > "wpath" is needed in the parent pledge when using the /dev/switch0 device. > (reyk@) tcpdump ~ privsep.c > 2004 privsep caused "tcpdump -r" to became a priviledged operation because > we felt chroot-containment was also necessary for off-line analysis. Today > use of pledge "stdio" for the packet parser acts as an even better sandbox. > We can therefore silently ignore chroot setup failure, and regain tcpdump > -r > support. > Result of a discussion with tedu -- which probably happened because we > became aware of the laughable retarded -Z option in upstream tcpdump. > ok tedu sthen guenther stsp (deraadt@) ~ privsep.c > Split the root vs not-root cases better with regards to chroot setup. > ok kettenis benno tedu canacar (deraadt@) vmd ~ virtio.c ~ vmm.c > Replace malloc() + memset() with calloc(). > ok mlarkin (natano@) =============================================================================== _______________________________________________ owc mailing list [email protected] http://www.squish.net/mailman/listinfo/owc
