OpenBSD src changes summary for 2017-02-26 to 2017-03-05 inclusive ==================================================================
distrib/miniroot distrib/notes distrib/sets etc/Makefile etc/changelist etc/etc.amd64/sysctl.conf etc/etc.i386/sysctl.conf etc/etc.loongson/sysctl.conf etc/examples/pkg.conf etc/mtree/BSD.x11.dist etc/rc etc/rc.conf etc/rc.d/xdm etc/rc.d/xenodm etc/root/root.mail etc/signify/openbsd-62-base.pub etc/signify/openbsd-62-fw.pub etc/signify/openbsd-62-pkg.pub gnu/usr.bin/binutils-2.17 gnu/usr.bin/perl lib/csu lib/libc lib/libcrypto lib/librthread lib/libssl lib/libtls regress/lib regress/sbin regress/sys regress/usr.bin sbin/disklabel sbin/iked sbin/init sbin/ipsecctl sbin/isakmpd sbin/reboot sbin/route sbin/sysctl share/locale share/man share/mk share/zoneinfo sys/arch/alpha/alpha sys/arch/amd64/amd64 sys/arch/amd64/include sys/arch/amd64/stand/efiboot sys/arch/amd64/stand/libsa sys/arch/arm/arm sys/arch/arm/include sys/arch/arm64/arm64 sys/arch/arm64/conf sys/arch/armv7/conf sys/arch/armv7/exynos sys/arch/armv7/omap sys/arch/hppa/conf sys/arch/hppa/hppa sys/arch/i386/i386 sys/arch/i386/include sys/arch/landisk/landisk sys/arch/loongson/loongson sys/arch/luna88k/luna88k sys/arch/macppc/macppc sys/arch/macppc/stand/tbxidata sys/arch/mips64/include sys/arch/octeon/include sys/arch/octeon/octeon sys/arch/sgi/sgi sys/arch/socppc/socppc sys/arch/sparc64/sparc64 sys/conf sys/dev/acpi sys/dev/fdt sys/dev/ic sys/dev/isa sys/dev/pckbc sys/dev/wscons sys/kern sys/net sys/net80211 sys/netinet sys/netinet6 sys/netmpls sys/nfs sys/stand sys/sys sys/uvm usr.bin/dc usr.bin/ftp usr.bin/mandoc usr.bin/ssh usr.bin/tmux usr.bin/units usr.sbin/bgpd usr.sbin/crunchgen usr.sbin/ldapd usr.sbin/ldpd usr.sbin/ntpd usr.sbin/pcidump usr.sbin/pkg_add usr.sbin/relayd usr.sbin/syslogd usr.sbin/tcpdump usr.sbin/unbound usr.sbin/vmctl usr.sbin/vmd == distrib =========================================================== 01/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib miniroot ~ install.sub > Switch to xenodm(1). > Do it now deraadt@ (matthieu@) ~ install.sub > Sync comments about install.md variables with reality. (rpe@) ~ install.sub > Modify the logic to determine the default answer for the "Location > of sets?" question. Present 'http' as the default answer if > /etc/installurl exists. This fixes the issue noted by aja@ and > espie@ that 'cd' was always overriding 'http'. > OK aja@ (rpe@) ~ install.sub > Create the /etc/installurl file during upgrade too if a mirror was > used and if the file did not yet exist. > discussed with aja@ and deraadt@ > OK tb@ aja@ (rpe@) ~ install.sub > Comments ... (rpe@) ~ install.sub > Stop using and copying the on-disk /etc/hosts file to the bsd.rd > /tmp dir during upgrade. > Create and use a minimal hosts file instead to avoid that a big > hosts file fills up the small bsd.rd / filesystem as reported > recently by Ted Roby. > Note that network interface configuration using hostnames instead > of ip addresses in hostname.if(5) relies on the on-disk /etc/hosts > file which is not used anymore during upgrade. > discussed with many > ok tb@, halex@ > 'sure' deraadt@ (rpe@) notes ~ arm64/prep > bump block size for dd; 39x faster on my system. > ok tom@ (sthen@) ~ m4.common > xdm -> xenodm(1) (matthieu@) ~ octeon/install ~ octeon/prep > Document some installation quirks for the EdgeRouter Lite in > INSTALL.octeon: > How to deal with USB sticks which are not detected during power up. > How to enable both CPU cores (this also applies to other octeon SMP > systems). > ok pirofti@ visa@ (stsp@) ~ INSTALL ~ packages ~ i386/install ~ landisk/xfer ~ macppc/prep ~ sparc64/install ~ sparc64/xfer > remove/tweak some cd-related text. > ok deraadt (tj@) sets ~ lists/base/md.arm64 > sync (jsg@) ~ lists/base/mi > Switch to xenodm(1). > Do it now deraadt@ (matthieu@) ~ lists/base/mi ~ lists/man/mi > Remove support for pkg.conf in light of the consolidation towards > a single configuration file for the OpenBSD repository location. > The pkg_* tools now use installurl(5) to find the package repository. > NOTE: > /etc/installurl only contains a single URL pointing to a mirror. > Use the PKG_PATH environment variable to specify more than one > package repository. > prodded by and OK deraadt@ aja@ (rpe@) ~ lists/base/mi > sync (deraadt@) ~ lists/base/mi > sync (deraadt@) ~ lists/base/md.alpha ~ lists/base/md.amd64 ~ lists/base/md.armv7 ~ lists/base/md.hppa ~ lists/base/md.i386 ~ lists/base/md.landisk ~ lists/base/md.loongson ~ lists/base/md.luna88k ~ lists/base/md.macppc ~ lists/base/md.octeon ~ lists/base/md.sgi ~ lists/base/md.socppc ~ lists/base/md.sparc64 ~ lists/comp/md.alpha ~ lists/comp/md.amd64 ~ lists/comp/md.armv7 ~ lists/comp/md.hppa ~ lists/comp/md.i386 ~ lists/comp/md.landisk ~ lists/comp/md.loongson ~ lists/comp/md.luna88k ~ lists/comp/md.macppc ~ lists/comp/md.octeon ~ lists/comp/md.sgi ~ lists/comp/md.socppc ~ lists/comp/md.sparc64 > sync (deraadt@) ~ lists/base/mi > sync (deraadt@) == etc =============================================================== 02/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc Makefile ~ Makefile > Switch to xenodm(1). > Do it now deraadt@ (matthieu@) ~ Makefile > Remove support for pkg.conf in light of the consolidation towards > a single configuration file for the OpenBSD repository location. > The pkg_* tools now use installurl(5) to find the package repository. > NOTE: > /etc/installurl only contains a single URL pointing to a mirror. > Use the PKG_PATH environment variable to specify more than one > package repository. > prodded by and OK deraadt@ aja@ (rpe@) changelist ~ changelist > Remove support for pkg.conf in light of the consolidation towards > a single configuration file for the OpenBSD repository location. > The pkg_* tools now use installurl(5) to find the package repository. > NOTE: > /etc/installurl only contains a single URL pointing to a mirror. > Use the PKG_PATH environment variable to specify more than one > package repository. > prodded by and OK deraadt@ aja@ (rpe@) etc.amd64/sysctl.conf ~ etc.amd64/sysctl.conf > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) etc.i386/sysctl.conf ~ etc.i386/sysctl.conf > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) etc.loongson/sysctl.conf ~ etc.loongson/sysctl.conf > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) examples/pkg.conf - examples/pkg.conf > Remove support for pkg.conf in light of the consolidation towards > a single configuration file for the OpenBSD repository location. > The pkg_* tools now use installurl(5) to find the package repository. > NOTE: > /etc/installurl only contains a single URL pointing to a mirror. > Use the PKG_PATH environment variable to specify more than one > package repository. > prodded by and OK deraadt@ aja@ (rpe@) mtree/BSD.x11.dist ~ mtree/BSD.x11.dist > Switch to xenodm(1). > Do it now deraadt@ (matthieu@) rc ~ rc > Switch to xenodm(1). > Do it now deraadt@ (matthieu@) rc.conf ~ rc.conf > Switch to xenodm(1). > Do it now deraadt@ (matthieu@) rc.d/xdm - rc.d/xdm > Switch to xenodm(1). > Do it now deraadt@ (matthieu@) rc.d/xenodm + rc.d/xenodm > Switch to xenodm(1). > Do it now deraadt@ (matthieu@) root/root.mail ~ root/root.mail > crank to 6.1-beta (deraadt@) ~ root/root.mail > fix date and mention installurl way of pkg_add (deraadt@) ~ root/root.mail > bump one more 2016 (tb@) signify/openbsd-62-base.pub + signify/openbsd-62-base.pub > 6.2 key for the future (deraadt@) signify/openbsd-62-fw.pub + signify/openbsd-62-fw.pub > 6.2 key for future firmware (sthen@) signify/openbsd-62-pkg.pub + signify/openbsd-62-pkg.pub > 6.2 key for future packages (naddy@) == gnu =============================================================== 03/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu usr.bin/binutils-2.17 ~ bfd/archive.c ~ bfd/bfd-in.h ~ bfd/bfd-in2.h ~ binutils/ar.c > Implement D and U modifiers to ar; with D the uid/gid/mode/time on the > updated > archive members are set to deterministic values. U cancels D. This should > simplify the syspatch work. > Based on a diff by daniel@ > ok millert@ deraadt@ kettenis@ (guenther@) ~ Makefile.bsd-wrapper > Go back to only specifying --target when building cross. > The OpenBSD triple includes the OpenBSD version. When this recently > changed binutils started building prefixed tools when moving to a new > OpenBSD version which isn't what we want. > ok kettenis@ (jsg@) usr.bin/perl ~ installperl > Better avoid installing versioned perl, makes perlivp happy (afresh1@) == lib =============================================================== 04/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib csu ~ arm/md_init.h > Use a long branch (using movw/movt) to implement MD_SECT_CALL_FUNC. > Necessary (but perhaps not suffcient) to build large binaries on arm. > ok guenther@ (kettenis@) ~ aarch64/md_init.h ~ hppa/md_init.h > Our certbegin/certend is always PIC, so remove the non-PIC > MD_SECT_CALL_FUNC() > implementations. > ok guenther@ (kettenis@) libc ~ arch/alpha/Symbols.list ~ arch/powerpc/Symbols.list ~ arch/sparc64/Symbols.list > RELRO means the __{got,plt}_{start,end} symbols are superfluous > ok kettenis@ (guenther@) ~ asr/asr.c ~ asr/asr_private.h ~ asr/getaddrinfo_async.c ~ asr/res_search_async.c ~ asr/res_send_async.c > Put a common flags field in the query struct, rather than in some > elements of the union. > This field is for internal asr flags. The flags in "struct rrset" and > "struct ni" are different kinds of flags. > ok eric@ (jca@) ~ asr/asr_private.h ~ asr/asr_debug.c > Recognize and allow bits AD and CD in DNS replies. > Needed for RES_USE_DNSSEC support. > ok eric@ gilles@ (jca@) ~ asr/asr_private.h ~ asr/asr_utils.c ~ asr/res_mkquery.c ~ asr/res_send_async.c ~ net/resolver.3 > Add support for RES_USE_DNSSEC > RES_USE_DNSSEC is implemented by setting the DNSSEC DO bit in outgoing > queries. The resolver is then supposed to set the AD bit in the reply > if it managed to validate the answer through DNSSEC. Useful when the > application doesn't implement validation internally. This scheme > assumes that the validating resolver is trusted and that the > communication channel between the validating resolver and and the client > is secure. > ok eric@ gilles@ (jca@) ~ sys/mount.2 > use Dv, for consistency; from bruno flueckiger (jmc@) ~ sys/connect.2 > document EPERM error when connect(2)ing. > ok bluhm@ jmc@ renato@ (benno@) libcrypto ~ objects/objects.txt > Fix typo in issuingDistributionPoint description. (jsing@) ~ Makefile ~ Symbols.list ~ evp/evp.h + evp/m_md5_sha1.c > Add an EVP interface that provides concatenated MD5+SHA1 hashes, which are > used in various parts of TLS 1.0/1.1. > This will allow for code simplification in libssl. > The same interface exists in OpenSSL 1.1. > ok beck@ deraadt@ inoguchi@ millert@ (jsing@) ~ man/EVP_DigestInit.3 > Document EVP_md5_sha1(). (jsing@) ~ shlib_version > Bump minors due to symbol addition. (jsing@) ~ evp/c_all.c > Include EVP_md5_sha1() via OpenSSL_add_all_digests(). (jsing@) ~ hmac/hmac.c > Ensure MD and key initialized before processing HMAC > Ensure both MD and key have been initialized before processing HMAC. > Releasing HMAC_CTX in error path of HMAC(). > In regress test, added test 4,5,6 and cleaned up the code. > ok jsing@ (inoguchi@) librthread ~ Symbols.map > RELRO means the __{got,plt}_{start,end} symbols are superfluous > ok kettenis@ (guenther@) libssl ~ ssl_clnt.c ~ ssl_lib.c ~ ssl_locl.h ~ ssl_srvr.c > Stop pretending that MD5 and SHA1 might not exist - rather than locating > "ssl3-md5" and "ssl-sha1", call the EVP_md5() and EVP_sha1() functions > directly. > ok beck@ inoguchi@ (jsing@) ~ shlib_version > Bump minors due to symbol addition. (jsing@) ~ ssl_algs.c ~ ssl_clnt.c ~ ssl_srvr.c > Convert ssl3_{get,send}_server_key_exchange() to EVP_md5_sha1(). > ok inoguchi@ (jsing@) ~ ssl_clnt.c > Call ssl3_handshake_write() instead of ssl3_do_write() - this was missed > when ssl3_send_client_certificate() was converted to the standard handshake > functions in r1.150 of s3_clnt.c. > This has no impact on TLS, however it causes the DTLS client to fail if the > server sends a certificate request, since the TLS MAC is calculated on a > non-populated DTLS header. > Issue reported by umokk on github. (jsing@) ~ d1_both.c ~ s3_lib.c ~ ssl_locl.h > Drop the second argument of dtls1_set_message_header() and make it a void > function. Nothing makes use of the return value and the second argument > was only used to produce the return value... (jsing@) ~ d1_srvr.c ~ ssl_both.c ~ ssl_clnt.c ~ ssl_srvr.c > Convert various handshake message generation functions to CBB. > ok beck@ inoguchi@ (jsing@) ~ Makefile ~ s3_lib.c ~ ssl_ciph.c ~ ssl_clnt.c ~ ssl_locl.h ~ ssl_srvr.c ~ t1_enc.c + t1_hash.c > Provide a rolling handshake hash that commences as soon as the cipher > suite has been selected, and convert the final finish MAC to use this > handshake hash. > This is a first step towards cleaning up the current handshake > buffer/digest code. > ok beck@ inoguchi@ (jsing@) ~ ssl_packet.c > Correctly convert an SSLv2 challenge into an SSLv3/TLS client random by > truncating or left zero padding. > ok beck@ inoguchi@ sthen@ (jsing@) libtls ~ shlib_version > Bump minors due to symbol addition. (jsing@) ~ man/tls_config_verify.3 > fix error in Dt; from robert klein (jmc@) == regress =========================================================== 05/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib ~ libcrypto/evp/evptests.txt > Add EVP test for MD5-SHA1. (jsing@) ~ libcrypto/hmac/hmactest.c > Ensure MD and key initialized before processing HMAC > Ensure both MD and key have been initialized before processing HMAC. > Releasing HMAC_CTX in error path of HMAC(). > In regress test, added test 4,5,6 and cleaned up the code. > ok jsing@ (inoguchi@) ~ libssl/ssl/ssltest.c > Remove handling for SSLv2. (jsing@) ~ libssl/ssl/ssltest.c > Remove commented out code and fix indentation of surrounding statements. > (jsing@) ~ libssl/ssl/ssltest.c > Treat "ERROR in STARTUP" as an actual error, rather than failing without > exiting non-zero (which has been masking a DTLS related issue). Also make > the message consistent with other errors. > Spotted by inogochi@ (jsing@) ~ libssl/Makefile + libssl/server/Makefile + libssl/server/servertest.c > Add an initial regress test that covers the server-side of libssl, by > providing SSL_accept() with fixed ClientHello messages. (jsing@) sbin ~ route/rttest3.ok ~ route/rttest5.ok ~ route/rttest6.ok ~ route/rttest8.ok > Reflect recent net/route.c change. Adding a conflicting route no > longer increment a 'use' counter. (mpi@) sys ~ netinet/ipsec/Makefile ~ netinet/ipsec/ipsec.conf > Add IPsec tests for ipip encapsulation. (bluhm@) ~ net/pflow/Makefile ~ net/pflow/flow.pl > Do not turn on pf in a regression test, require that it has been > enabled before. Better skip the test than create unexpected side > effects. (bluhm@) ~ net/pf_state/Makefile > This test cannot pass while pf on localhost filters packets statefully. > If the local pf is enabled, write a temporary stateless pass rule > into the regress anchor. (bluhm@) ~ netinet6/frag6/LICENSE ~ netinet6/frag6/Makefile > Fragment reassembly code exists in pf and network stack. To test > both, run the tests in a loop. Disable and enable pf on the remote > machine automatically. (bluhm@) ~ netinet6/rh0/Makefile ~ netinet6/rh0/rh0_empty.py ~ netinet6/rh0/rh0_final.py ~ netinet6/rh0/rh0_frag2.py ~ netinet6/rh0/rh0_frag_empty.py ~ netinet6/rh0/rh0_frag_final.py ~ netinet6/rh0/rh0_frag_route.py ~ netinet6/rh0/rh0_none.py ~ netinet6/rh0/rh0_route.py + netinet6/rh0/LICENSE > IPv6 packets with routing header 0 are dropped by pf, but answered > with ICMP6 parameter problem by the network stack. This test expects > the ICMP6 packets, so disable pf on the remote machine temporarily. > (bluhm@) ~ netinet6/frag6/Makefile ~ netinet6/frag6/frag6.py ~ netinet6/frag6/frag6_ext.py ~ netinet6/frag6/frag6_hop.py ~ netinet6/frag6/frag6_mf0atomic.py ~ netinet6/frag6/frag6_mf0long.py ~ netinet6/frag6/frag6_mf0middle.py ~ netinet6/frag6/frag6_mf0short.py ~ netinet6/frag6/frag6_mf1end.py ~ netinet6/frag6/frag6_opt.py ~ netinet6/frag6/frag6_overatomic.py ~ netinet6/frag6/frag6_overdrop.py ~ netinet6/frag6/frag6_overhead.py ~ netinet6/frag6/frag6_overhead0.py ~ netinet6/frag6/frag6_overtail.py ~ netinet6/frag6/frag6_padding.py ~ netinet6/frag6/frag6_permute.py ~ netinet6/frag6/frag6_refrag.py ~ netinet6/frag6/frag6_shortatomic.py ~ netinet6/frag6/frag6_timeout.py ~ netinet6/frag6/frag6_udpatomic.py ~ netinet6/frag6/frag6_udpheader.py ~ netinet6/frag6/frag6_udppayload.py ~ netinet6/frag6/frag6_zerofirst.py ~ netinet6/frag6/frag6_zerosecond.py ~ netinet6/nd6/Makefile ~ netinet6/nd6/nd6_ar.py ~ netinet6/nd6/nd6_dad.py ~ netinet6/nd6/nd6_nud.py ~ netinet6/nd6/nd6_una.py ~ netinet6/rh0/Makefile ~ netinet6/rh0/rh0_empty.py ~ netinet6/rh0/rh0_final.py ~ netinet6/rh0/rh0_frag2.py ~ netinet6/rh0/rh0_frag_empty.py ~ netinet6/rh0/rh0_frag_final.py ~ netinet6/rh0/rh0_frag_route.py ~ netinet6/rh0/rh0_none.py ~ netinet6/rh0/rh0_route.py + netinet6/nd6/LICENSE > Use consistent address schema with local and remote machine. Fill > variables with example IPs from my daily test run. (bluhm@) ~ arch/hppa/Makefile ~ arch/m88k/Makefile ~ arch/sparc64/Makefile > Print SKIPPED if the architecture dependent regression tests are > executed on the wrong machine. This allows to distinguish their > result from a passed test. (bluhm@) ~ netinet6/frag6/Makefile ~ netinet6/rh0/Makefile > Avoid warnings from ssh -t, check remote SUDO at beginning. (bluhm@) ~ arch/hppa/Makefile ~ arch/m88k/Makefile ~ arch/sparc64/Makefile > Print message why tests are skipped. (bluhm@) - net/pflow/Net/Flow.pm ~ net/pflow/Makefile ~ net/pflow/flow.pl ~ net/pflow/template.pl > Do not use an obsolete copy of a Perl module from CPAN for testing. > Require that the p5-Net-Flow package is installed and use it. (bluhm@) usr.bin ~ mandoc/Makefile.inc ~ mandoc/Makefile.sub > Infrastructure for -T markdown tests. > This is needed because -T marksdown is expected to receive less > maintenance than -T ascii, so we need automation to make sure > that regular parser maintenance doesn't break this output mode. (schwarze@) ~ mandoc/mdoc/Ad/Makefile ~ mandoc/mdoc/Ap/Makefile ~ mandoc/mdoc/Aq/Makefile ~ mandoc/mdoc/Ar/Makefile ~ mandoc/mdoc/At/Makefile ~ mandoc/mdoc/Bl/Makefile ~ mandoc/mdoc/Brq/Makefile ~ mandoc/mdoc/Bx/Makefile ~ mandoc/mdoc/Cd/Makefile ~ mandoc/mdoc/Cm/Makefile ~ mandoc/mdoc/Dd/Makefile ~ mandoc/mdoc/Dl/Makefile ~ mandoc/mdoc/Dq/Makefile ~ mandoc/mdoc/Dt/Makefile ~ mandoc/mdoc/Dv/Makefile ~ mandoc/mdoc/Em/Makefile ~ mandoc/mdoc/Eo/Makefile ~ mandoc/mdoc/Er/Makefile ~ mandoc/mdoc/Ev/Makefile ~ mandoc/mdoc/Ex/Makefile ~ mandoc/mdoc/Fd/Makefile ~ mandoc/mdoc/Fl/Makefile ~ mandoc/mdoc/Fo/Makefile ~ mandoc/mdoc/Ft/Makefile ~ mandoc/mdoc/Ic/Makefile ~ mandoc/mdoc/In/Makefile ~ mandoc/mdoc/Lb/Makefile ~ mandoc/mdoc/Li/Makefile ~ mandoc/mdoc/Lk/Makefile ~ mandoc/mdoc/Ms/Makefile ~ mandoc/mdoc/Mt/Makefile ~ mandoc/mdoc/Nd/Makefile ~ mandoc/mdoc/Nm/Makefile ~ mandoc/mdoc/No/Makefile ~ mandoc/mdoc/Ns/Makefile ~ mandoc/mdoc/Oo/Makefile ~ mandoc/mdoc/Op/Makefile ~ mandoc/mdoc/Os/Makefile ~ mandoc/mdoc/Ox/Makefile ~ mandoc/mdoc/Pa/Makefile ~ mandoc/mdoc/Pf/Makefile ~ mandoc/mdoc/Pp/Makefile ~ mandoc/mdoc/Qq/Makefile ~ mandoc/mdoc/Rs/Makefile ~ mandoc/mdoc/Rv/Makefile ~ mandoc/mdoc/Sh/Makefile ~ mandoc/mdoc/Sm/Makefile ~ mandoc/mdoc/Sq/Makefile ~ mandoc/mdoc/St/Makefile ~ mandoc/mdoc/Sx/Makefile ~ mandoc/mdoc/Sy/Makefile ~ mandoc/mdoc/Tn/Makefile ~ mandoc/mdoc/Ud/Makefile ~ mandoc/mdoc/Ux/Makefile ~ mandoc/mdoc/Va/Makefile ~ mandoc/mdoc/Vt/Makefile ~ mandoc/mdoc/Xr/Makefile ~ mandoc/mdoc/blank/Makefile ~ mandoc/mdoc/break/Makefile + mandoc/mdoc/Ad/font.out_markdown + mandoc/mdoc/Ad/noarg.out_markdown + mandoc/mdoc/Ap/eos.out_markdown + mandoc/mdoc/Ap/middle.out_markdown + mandoc/mdoc/Aq/empty.out_markdown + mandoc/mdoc/Ar/font.out_markdown + mandoc/mdoc/Ar/punct.out_markdown + mandoc/mdoc/At/invalid.out_markdown + mandoc/mdoc/Bl/bareIt.out_markdown + mandoc/mdoc/Bl/bareTa.out_markdown + mandoc/mdoc/Bl/breakingTa.out_markdown + mandoc/mdoc/Bl/bullet.out_markdown + mandoc/mdoc/Bl/dash.out_markdown + mandoc/mdoc/Bl/diag.out_markdown + mandoc/mdoc/Bl/empty.out_markdown + mandoc/mdoc/Bl/emptyitem.out_markdown + mandoc/mdoc/Bl/enum.out_markdown + mandoc/mdoc/Bl/item.out_markdown + mandoc/mdoc/Bl/multitype.out_markdown + mandoc/mdoc/Bl/notype.out_markdown + mandoc/mdoc/Bl/ohang.out_markdown + mandoc/mdoc/Bl/unclosed.out_markdown + mandoc/mdoc/Brq/empty.out_markdown + mandoc/mdoc/Bx/args.out_markdown + mandoc/mdoc/Cd/eos.out_markdown + mandoc/mdoc/Cd/font.out_markdown + mandoc/mdoc/Cd/noarg.out_markdown + mandoc/mdoc/Cm/basic.out_markdown + mandoc/mdoc/Cm/font.out_markdown + mandoc/mdoc/Cm/noarg.out_markdown + mandoc/mdoc/Dd/badarg.out_markdown + mandoc/mdoc/Dd/dupe.out_markdown + mandoc/mdoc/Dd/late.out_markdown + mandoc/mdoc/Dd/long.out_markdown + mandoc/mdoc/Dd/manarg.out_markdown + mandoc/mdoc/Dd/order.out_markdown + mandoc/mdoc/Dl/spacing.out_markdown + mandoc/mdoc/Dq/empty.out_markdown + mandoc/mdoc/Dt/case.out_markdown + mandoc/mdoc/Dt/dupe.out_markdown + mandoc/mdoc/Dt/fourargs.out_markdown + mandoc/mdoc/Dt/late.out_markdown + mandoc/mdoc/Dt/missing.out_markdown + mandoc/mdoc/Dt/noarg.out_markdown + mandoc/mdoc/Dt/nobody.out_markdown + mandoc/mdoc/Dt/nosec.out_markdown + mandoc/mdoc/Dt/order.out_markdown + mandoc/mdoc/Dv/font.out_markdown + mandoc/mdoc/Dv/noarg.out_markdown + mandoc/mdoc/Em/font.out_markdown + mandoc/mdoc/Em/noarg.out_markdown + mandoc/mdoc/Em/punct.out_markdown + mandoc/mdoc/Eo/break.out_markdown + mandoc/mdoc/Eo/obsolete.out_markdown + mandoc/mdoc/Eo/unclosed.out_markdown + mandoc/mdoc/Er/font.out_markdown + mandoc/mdoc/Er/noarg.out_markdown + mandoc/mdoc/Ev/font.out_markdown + mandoc/mdoc/Ev/noarg.out_markdown + mandoc/mdoc/Ex/args.out_markdown + mandoc/mdoc/Ex/noname.out_markdown + mandoc/mdoc/Ex/nostd.out_markdown + mandoc/mdoc/Fd/break.out_markdown + mandoc/mdoc/Fd/eos.out_markdown + mandoc/mdoc/Fd/font.out_markdown + mandoc/mdoc/Fl/font.out_markdown + mandoc/mdoc/Fl/multiarg.out_markdown + mandoc/mdoc/Fl/noarg.out_markdown + mandoc/mdoc/Fl/punct.out_markdown + mandoc/mdoc/Fo/basic.out_markdown + mandoc/mdoc/Fo/break.out_markdown + mandoc/mdoc/Fo/eos.out_markdown + mandoc/mdoc/Fo/font.out_markdown + mandoc/mdoc/Fo/noarg.out_markdown + mandoc/mdoc/Fo/nohead.out_markdown + mandoc/mdoc/Fo/obsolete.out_markdown + mandoc/mdoc/Fo/punct.out_markdown + mandoc/mdoc/Fo/section.out_markdown + mandoc/mdoc/Fo/warn.out_markdown + mandoc/mdoc/Ft/font.out_markdown + mandoc/mdoc/Ic/font.out_markdown + mandoc/mdoc/Ic/noarg.out_markdown + mandoc/mdoc/In/eos.out_markdown + mandoc/mdoc/In/font.out_markdown + mandoc/mdoc/Lb/badargs.out_markdown + mandoc/mdoc/Lb/break.out_markdown + mandoc/mdoc/Lb/eos.out_markdown + mandoc/mdoc/Li/font.out_markdown + mandoc/mdoc/Li/punct.out_markdown + mandoc/mdoc/Lk/link.out_markdown + mandoc/mdoc/Lk/noarg.out_markdown + mandoc/mdoc/Ms/font.out_markdown + mandoc/mdoc/Ms/noarg.out_markdown + mandoc/mdoc/Mt/simple.out_markdown + mandoc/mdoc/Nd/hyph.out_markdown + mandoc/mdoc/Nd/noarg.out_markdown + mandoc/mdoc/Nd/par.out_markdown + mandoc/mdoc/Nm/break.out_markdown + mandoc/mdoc/Nm/broken.out_markdown + mandoc/mdoc/Nm/empty.out_markdown + mandoc/mdoc/Nm/font.out_markdown + mandoc/mdoc/Nm/long.out_markdown + mandoc/mdoc/Nm/par.out_markdown + mandoc/mdoc/Nm/parns.out_markdown + mandoc/mdoc/Nm/punct.out_markdown + mandoc/mdoc/No/punct.out_markdown + mandoc/mdoc/No/spacing.out_markdown + mandoc/mdoc/Ns/position.out_markdown + mandoc/mdoc/Ns/punct.out_markdown + mandoc/mdoc/Oo/punct.out_markdown + mandoc/mdoc/Op/break.out_markdown + mandoc/mdoc/Op/broken.out_markdown + mandoc/mdoc/Op/punct.out_markdown + mandoc/mdoc/Os/dupe.out_markdown + mandoc/mdoc/Os/late.out_markdown + mandoc/mdoc/Os/long.out_markdown + mandoc/mdoc/Os/missing.out_markdown + mandoc/mdoc/Ox/keep.out_markdown + mandoc/mdoc/Pa/font.out_markdown + mandoc/mdoc/Pa/punct.out_markdown + mandoc/mdoc/Pf/spacing.out_markdown + mandoc/mdoc/Pp/arg.out_markdown + mandoc/mdoc/Qq/empty.out_markdown + mandoc/mdoc/Rs/allch.out_markdown + mandoc/mdoc/Rs/args.out_markdown + mandoc/mdoc/Rs/break.out_markdown + mandoc/mdoc/Rs/empty.out_markdown + mandoc/mdoc/Rs/three_authors.out_markdown + mandoc/mdoc/Rv/args.out_markdown + mandoc/mdoc/Rv/nostd.out_markdown + mandoc/mdoc/Sh/badNAME.out_markdown + mandoc/mdoc/Sh/before.out_markdown + mandoc/mdoc/Sh/empty.out_markdown + mandoc/mdoc/Sh/emptyNAME.out_markdown + mandoc/mdoc/Sh/first.out_markdown + mandoc/mdoc/Sh/nohead.out_markdown + mandoc/mdoc/Sh/order.out_markdown + mandoc/mdoc/Sh/orderNAME.out_markdown + mandoc/mdoc/Sh/punctNAME.out_markdown + mandoc/mdoc/Sh/subbefore.out_markdown + mandoc/mdoc/Sm/badarg.out_markdown + mandoc/mdoc/Sm/noarg.out_markdown + mandoc/mdoc/Sm/spacing-No.out_markdown + mandoc/mdoc/Sm/spacing-Op.out_markdown + mandoc/mdoc/Sm/twoarg.out_markdown + mandoc/mdoc/Sq/empty.out_markdown + mandoc/mdoc/St/badargs.out_markdown + mandoc/mdoc/St/call.out_markdown + mandoc/mdoc/Sx/font.out_markdown + mandoc/mdoc/Sx/noarg.out_markdown + mandoc/mdoc/Sy/font.out_markdown + mandoc/mdoc/Sy/noarg.out_markdown + mandoc/mdoc/Sy/punct.out_markdown + mandoc/mdoc/Tn/font.out_markdown + mandoc/mdoc/Tn/noarg.out_markdown + mandoc/mdoc/Ud/arg.out_markdown + mandoc/mdoc/Ux/eos.out_markdown + mandoc/mdoc/Ux/spacing.out_markdown + mandoc/mdoc/Va/basic.out_markdown + mandoc/mdoc/Va/font.out_markdown + mandoc/mdoc/Va/noarg.out_markdown + mandoc/mdoc/Vt/child.out_markdown + mandoc/mdoc/Vt/font.out_markdown + mandoc/mdoc/Vt/noarg.out_markdown + mandoc/mdoc/Vt/spacing.out_markdown + mandoc/mdoc/Xr/args.out_markdown + mandoc/mdoc/blank/comment.out_markdown + mandoc/mdoc/blank/list.out_markdown + mandoc/mdoc/break/brokenbreaker.out_markdown + mandoc/mdoc/break/notopen.out_markdown + mandoc/mdoc/break/twice.out_markdown + mandoc/mdoc/break/two.out_markdown > first batch of -T markdown tests (schwarze@) == sbin ============================================================== 06/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin disklabel ~ disklabel.c ~ editor.c ~ extern.h > Allow R (resize auto-partition) after A as well as when started with -A. > This ability was lost in editor.c 1.264; noted by ajacoutot@; ok krw@ > (otto@) iked ~ pfkey.c > Depending on the addresses, ipsecctl(8) automatically groups sa > bundles together. Extend the kernel interface to export the bundle > information to userland. Then ipsecctl -ss -v can show the internal > relations. Unfortunately the header SADB_X_EXT_PROTOCOL was reused > by SADB_X_GRPSPIS, so it cannot be used to transfer the second sa > type with sysctl. Introduce a new SADB_X_EXT_SATYPE2 and use it > consistently. > OK hshoexer@ markus@ (bluhm@) init ~ init.c > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) ipsecctl ~ pfkdump.c ~ pfkey.c > Depending on the addresses, ipsecctl(8) automatically groups sa > bundles together. Extend the kernel interface to export the bundle > information to userland. Then ipsecctl -ss -v can show the internal > relations. Unfortunately the header SADB_X_EXT_PROTOCOL was reused > by SADB_X_GRPSPIS, so it cannot be used to transfer the second sa > type with sysctl. Introduce a new SADB_X_EXT_SATYPE2 and use it > consistently. > OK hshoexer@ markus@ (bluhm@) ~ ipsecctl.c ~ pfkdump.c > Now that the kernel provides information about IPsec SA bundles, > print them by default. > OK hshoexer@ (bluhm@) isakmpd ~ pf_key_v2.c > Depending on the addresses, ipsecctl(8) automatically groups sa > bundles together. Extend the kernel interface to export the bundle > information to userland. Then ipsecctl -ss -v can show the internal > relations. Unfortunately the header SADB_X_EXT_PROTOCOL was reused > by SADB_X_GRPSPIS, so it cannot be used to transfer the second sa > type with sysctl. Introduce a new SADB_X_EXT_SATYPE2 and use it > consistently. > OK hshoexer@ markus@ (bluhm@) reboot ~ reboot.c > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) route ~ route.c > Implement a new routing message RTM_PROPOSAL that communicates > information that can be used to configure an interface and > related network components. > ok bluhm@, ok for various older versions mpi@ florian@ claudio@ (krw@) sysctl ~ sysctl.8 > Add machdep.lidaction to list of sysctls. > prodded by Stefan Wollny via tb > ok tb jmc (natano@) == share ============================================================= 07/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share locale ~ ctype/en_US.UTF-8.src > Update to unicode 8 > OK schwarze@ (afresh1@) man ~ man9/buffercache.9 > geteblk() has been switched to size_t. > ok stefan, as part of a larger diff (natano@) ~ man4/pci.4 > mention pciecam on arm64 (jsg@) ~ man4/man4.armv7/omap.4 ~ man4/man4.armv7/edma.4 > edma attaches to fdt now (jsg@) ~ man5/bsd.port.mk.5 > gc really old stuff that's not actually in use anymore (espie@) ~ man8/afterboot.8 > xdm -> xenodm; from jan stary (jmc@) ~ man4/re.4 > 8168 support jumbo frames; (jmc@) mk ~ sys.mk > crank to 6.1-beta (deraadt@) zoneinfo ~ datfiles/africa ~ datfiles/antarctica ~ datfiles/asia ~ datfiles/australasia ~ datfiles/backward ~ datfiles/europe ~ datfiles/leapseconds ~ datfiles/northamerica ~ datfiles/southamerica ~ datfiles/zone.tab ~ datfiles/zone1970.tab > Update to tzdata2017a from ftp.iana.org (millert@) ~ datfiles/africa > Silence a warning from zic about a too long zone name (POSIX limits TZ to 6 > characters) (millert@) == sys =============================================================== 08/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/alpha/alpha ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/amd64/amd64 ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) ~ vmm.c > Refactor cpuid exit handler to make it easier to bolt on SVM support > shortly (instead of having two nearly identical functions.) > ok reyk (mlarkin@) ~ vmm.c > reduce differences in vmm between amd64 and i386 (i386 picks up a handful > of recent fixes for SVM that were missed). No functional change on amd64 > (just an added comment) (mlarkin@) ~ vmm.c > reduce some more differences in vmm between i386 and amd64 that didn't > get picked up previously. i386 gets some changes relating to EFER > treatment and amd64 gets a whitespace fix. (mlarkin@) ~ vmm.c > log attempts to access cpuid leaf function 0x03, "processor serial number". > matches other log messages for other unimplemented cpuid leaf functions. > (mlarkin@) ~ machdep.c > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) ~ db_interface.c ~ trap.c > Whan an amd64 machine got an NMI, the current process in user land > was killed with SIGBUS. Better drop to ddb regardless wether a > user process is currently scheduled or not. NMI signals hardware > failure or a debug button. The code in i386 trap() has always been > that way. The switch in db_ktrap() must also not depend on the > fact wether kernel or user land is running. > OK deraadt@ (bluhm@) ~ db_disasm.c > Teach the ddb disassembler about most of the vm* instructions > ok mlarkin@ (guenther@) arch/amd64/include ~ cpu.h > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) arch/amd64/stand/efiboot ~ efiboot.c > Fix the code which preserves the device path of the loaded image if > booting from a disk. It had a typo. Also tweak the code which finds > the blkio of the boot disk to show how it is matching the device path > nodes clearly. found by and discussed with patrick@. (yasuoka@) ~ efiboot.c > Delete "comspeed" which had been mistakenly added as a int value. > (yasuoka@) arch/amd64/stand/libsa ~ dev_i386.c > Don't try to access the com(4) hardware to set up the console speed > on efiboot(8), as it can crash the EFI application. > ok tom@ (patrick@) arch/arm/arm ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/arm/include ~ cpu.h > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) ~ cpu.h > Fix the lidsuspend sysctl name in arm/include/cpu.h > From Markus Hennecke, thanks (tom@) arch/arm64/arm64 ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/arm64/conf ~ GENERIC > build with USER_PCICONF to enable /dev/pci* (jsg@) ~ GENERIC ~ RAMDISK > Remove SYSCALL_DEBUG arm64 has been multiuser for a while now. > ok patrick@ (jsg@) ~ RAMDISK > enable FFS2 on armv7 and arm64 ramdisks (jsg@) arch/armv7/conf ~ GENERIC ~ RAMDISK > Dynamically attach edma(4) using the FDT. > From Ian Sutton. (jsg@) ~ RAMDISK > enable FFS2 on armv7 and arm64 ramdisks (jsg@) ~ GENERIC > Convert a few exynos drivers to attach using the FDT. (kettenis@) ~ RAMDISK > matching commit for RAMDISK: Convert a few exynos drivers to attach using > the FDT. (deraadt@) ~ GENERIC > Turn exgpio(4) into a pinctrl driver. (kettenis@) ~ RAMDISK > match GENERIC (deraadt@) arch/armv7/exynos ~ exclock.c ~ exdog.c ~ exehci.c ~ exesdhc.c ~ exmct.c ~ expower.c ~ exsysreg.c ~ files.exynos > Convert a few exynos drivers to attach using the FDT. (kettenis@) ~ exuart.c > The current code in exuartcnputc() that tries to make sure the character > written is actually transmitted doesn't seem to work. Instead, wait until > there is room in the TX FIFO before writing the character. This works only > in FIFO mode, but that's how u-boot configures the chip. > ok patrick@ (kettenis@) ~ exuart.c > Clear pending interrupts and mask them all. (kettenis@) - exgpiovar.h ~ exehci.c ~ exesdhc.c ~ exgpio.c ~ exiic.c ~ files.exynos > Turn exgpio(4) into a pinctrl driver. (kettenis@) arch/armv7/omap ~ edma.c ~ files.omap > Dynamically attach edma(4) using the FDT. > From Ian Sutton. (jsg@) ~ omap.c ~ am335x.c > remove remaining parts of the table driven approach to attaching edma > (jsg@) ~ am335x.c ~ omap3.c ~ omap4.c > Remove unused table driven omgpio bits. (jsg@) arch/hppa/conf ~ Makefile.hppa > Build hppa kernels with -ffreestanding. (kettenis@) arch/hppa/hppa ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/i386/i386 ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) ~ vmm.c > reduce differences in vmm between amd64 and i386 (i386 picks up a handful > of recent fixes for SVM that were missed). No functional change on amd64 > (just an added comment) (mlarkin@) ~ vmm.c > reduce some more differences in vmm between i386 and amd64 that didn't > get picked up previously. i386 gets some changes relating to EFER > treatment and amd64 gets a whitespace fix. (mlarkin@) ~ vmm.c > refactor cpuid exit handler for easier merge with upcoming SVM version. > Matches amd64 commit made yesterday. (mlarkin@) ~ machdep.c > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) ~ db_interface.c ~ trap.c > Whan an amd64 machine got an NMI, the current process in user land > was killed with SIGBUS. Better drop to ddb regardless wether a > user process is currently scheduled or not. NMI signals hardware > failure or a debug button. The code in i386 trap() has always been > that way. The switch in db_ktrap() must also not depend on the > fact wether kernel or user land is running. > OK deraadt@ (bluhm@) ~ db_disasm.c > Teach the ddb disassembler about most of the vm* instructions > ok mlarkin@ (guenther@) arch/i386/include ~ cpu.h > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) arch/landisk/landisk ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/loongson/loongson ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) ~ machdep.c > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) arch/luna88k/luna88k ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/macppc/macppc ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/macppc/stand/tbxidata ~ bsd.tbxi > crank to 6.1-beta (deraadt@) arch/mips64/include ~ cpu.h > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) arch/octeon/include ~ cpu.h > Define cache line size for the per-cpu API. (visa@) arch/octeon/octeon ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/sgi/sgi ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/socppc/socppc ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) arch/sparc64/sparc64 ~ disksubr.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) conf ~ newvers.sh > crank to 6.1-beta (deraadt@) dev/acpi ~ acpi.c ~ acpibtn.c ~ acpisony.c ~ acpithinkpad.c ~ acpitoshiba.c ~ acpivar.h > Untangle abstract sleep modes from ACPI sleep states. This paves the way > for further work in the area. > idea and ok deraadt > ok mlarkin (natano@) ~ acpi.c ~ acpibtn.c > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) dev/fdt ~ psci.c > Add support for the older generation spec of PSCI, which supports > shutdown and reset only if the function id is explicitly provided > in the device tree. For the newer implementations we are supposed > to be using the specified function ids only. > With and ok jsg@ (patrick@) dev/ic ~ ahci.c > When we're unable to determine which NCQ command failed, fail all active > commands rather than proceeding to an assertion failure. This matches > how we handle the same condition with non-queued commands, and the > behaviour of every other ahci driver I can find. Add a printf there so > we might get some idea of how often this condition arises and what happens > afterwards. > ok dlg@ (jmatthew@) dev/isa ~ aps.c > Add a new sysctl machdep.lidaction. The sysctl works as follows: > machdep.lidaction=0 # do nothing > machdep.lidaction=1 # suspend > machdep.lidaction=2 # hibernate > lidsuspend is just an alias for lidaction, so if you change one, the > other one will have the same value. The plan is to remove > machdep.lidsuspend eventually when people have upgraded their > /ets/sysctl.conf. > discussed with deraadt, who came up with the new MIB name > no objections mlarkin > ok stsp halex jcs (natano@) dev/pckbc ~ pms.c > pms/synaptics: configure wsmouse for handling compat-mode > ok @matthieu @stsp @mpi (bru@) ~ pms.c > pms/elantech-v4: configure wsmouse for handling compat-mode > ok @matthieu @stsp @mpi (bru@) dev/wscons ~ files.wscons ~ wsconsio.h ~ wsmouse.c ~ wsmouseinput.h ~ wsmousevar.h + wstpad.c > Handle touchpad input in wsmouse. > The wstpad file contains the core of a touchpad-input driver that > is coupled with wsmouse. It is active in compat-mode if wsmouse has > been configured for it. > ok @matthieu @stsp @mpi (bru@) kern ~ uipc_domain.c > Retire the AF_MPLS protosw struct. Nothing is using it and the code was > super > basic anyway. Simplifies the code a lot also by calling the mpls sysctl no > longer via the protosw but instead directly. > OK mpi@ on a previous diff. Also tested by renato@ who actually found a bug > which is now fixed. (claudio@) ~ vfs_bio.c > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) ~ uipc_proto.c > Convert domain declarations to C99 initializers. > ok dhill@, florian@, bluhm@ (mpi@) ~ uipc_socket.c > Prevent a recursion in the socket layer. > Always defere soreceive() to an nfsd(8) process instead of doing it in > the 'softnet' thread. Avoiding this recursion ensure that we do not > introduce a new sleeping point by releasing and grabbing the netlock. > Tested by many, committing now in order to find possible performance > regression. (mpi@) ~ exec_elf.c > Generating a coredump requires walking the map twice; change > uvm_coredump_walkmap() to do both with a callback in between > so it can hold locks/change state across the two. > ok stefan@ (guenther@) net ~ rtable.c ~ art.c ~ art.h > Prevent a MP race in rtable_lookup(). > If an ART node is linked to multiple route entries, in the MPATH case, > it is not safe to dereference ``an_dst''. This non-refcounted pointer > can be changed at any time by another CPU. > So get rid of the pointer and use the first destination of a route entry > when comparing sockaddrs. > This allows us so remove a pointer from 'struct art_node' and save 5Mb of > memory in an IPv4 fullfeed. > ok jmatthew@, claudio@, dlg@ (mpi@) ~ route.c > Use rtable_match() rather than rtalloc(9) when adding a new route. > rtalloc(9) should be reserved for the hot path otherwise it's hard > to interpret the value of the 'use' counter. > ok claudio@ (mpi@) ~ if.c > Don't change the up status of the interface when changing its rdomain. > Diff from nagasaka@iij. > ok mpi (yasuoka@) ~ pfkeyv2.c ~ pfkeyv2.h ~ pfkeyv2_convert.c ~ pfkeyv2_parsemessage.c > Depending on the addresses, ipsecctl(8) automatically groups sa > bundles together. Extend the kernel interface to export the bundle > information to userland. Then ipsecctl -ss -v can show the internal > relations. Unfortunately the header SADB_X_EXT_PROTOCOL was reused > by SADB_X_GRPSPIS, so it cannot be used to transfer the second sa > type with sysctl. Introduce a new SADB_X_EXT_SATYPE2 and use it > consistently. > OK hshoexer@ markus@ (bluhm@) ~ switchofp.c > Remove a misleading comment asking if a timeout needs a LOCK, it doesn't. > ok goda@ (mpi@) ~ if_mpw.c ~ route.c > Allow MPLS switching and VPLS across rdomains. > OK claudio@ mpi@ (renato@) ~ pfkey.c ~ rtsock.c > Convert domain declarations to C99 initializers. > ok dhill@, florian@, bluhm@ (mpi@) ~ rtsock.c > Fix a rtentry leak in error path. > ok bluhm@ (mpi@) ~ route.h ~ rtsock.c > Implement a new routing message RTM_PROPOSAL that communicates > information that can be used to configure an interface and > related network components. > ok bluhm@, ok for various older versions mpi@ florian@ claudio@ (krw@) ~ if_ppp.c > Remove non longer needed splsoftnet()/splx() dances. (mpi@) ~ rtsock.c > It is allowed to sleep in route_output() as we run in process context > and do no critical operations on global structures or per socket. > The route entry we are working on is reference counted. Call > malloc(9) with M_WAITOK and remove the NULL result checks. > OK mpi@ (bluhm@) ~ pfkey.c ~ raw_usrreq.c ~ route.h ~ rtsock.c > Convert the variable argument list of the pr_output functions to > fixed parameters. > OK mpi@ claudio@ dhill@ (bluhm@) net80211 ~ ieee80211_input.c ~ ieee80211_node.h ~ ieee80211_pae_input.c ~ ieee80211_pae_output.c ~ ieee80211_proto.c > Fix a bug allowing a man-in-the-middle attack against WPA wireless clients. > A malicious AP could trick clients into connecting to the malicious AP > instead of the desired AP. All frames would then be sent in the clear. > This problem was found and reported by Mathy Vanhoef who also provided > an initial patch which we improved together. (stsp@) ~ ieee80211_pae_input.c > Fix some DPRINTFs I just added to ieee80211_pae_input.c. > No fnuctional change. (stsp@) ~ ieee80211_input.c ~ ieee80211_node.h ~ ieee80211_pae_input.c ~ ieee80211_pae_output.c ~ ieee80211_proto.c TAGGED OPENBSD_5_9 > MFC: Fix a bug allowing a man-in-the-middle attack against WPA wireless > clients. > A malicious AP could trick clients into connecting to the malicious AP > instead of the desired AP. All frames would then be sent in the clear. > This problem was found and reported by Mathy Vanhoef who also provided > an initial patch which we improved together. > (OpenBSD 6.0 errata 18, Mar 1, 2017) > by and ok stsp@ (benno@) ~ ieee80211_input.c ~ ieee80211_node.h ~ ieee80211_pae_input.c ~ ieee80211_pae_output.c ~ ieee80211_proto.c TAGGED OPENBSD_6_0 > MFC: Fix a bug allowing a man-in-the-middle attack against WPA wireless > clients. > A malicious AP could trick clients into connecting to the malicious AP > instead of the desired AP. All frames would then be sent in the clear. > This problem was found and reported by Mathy Vanhoef who also provided > an initial patch which we improved together. > (OpenBSD 5.9 errata 35, Mar 1, 2017) > by and ok stsp@ (benno@) ~ ieee80211_proto.c TAGGED OPENBSD_6_0 > Initialize 'ni' pointer in ieee80211_keyrun(). Fallout from last minute > changes I made to my WPA security patch. Affects WPA enterprise only. > Problem found by patrick@ > ok sthen@ (stsp@) ~ ieee80211_proto.c TAGGED OPENBSD_6_0 > Merge ieee80211_proto.c r1.74 to 6.0-stable: > Initialize 'ni' pointer in ieee80211_keyrun(). Fallout from last minute > changes I made to my WPA security patch. Affects WPA enterprise only. > Problem found by patrick@ > ok sthen@ (stsp@) ~ ieee80211_proto.c TAGGED OPENBSD_5_9 > Merge ieee80211_proto.c r1.74 to 5.9-stable: > Initialize 'ni' pointer in ieee80211_keyrun(). Fallout from last minute > changes I made to my WPA security patch. Affects WPA enterprise only. > Problem found by patrick@ > ok sthen@ (stsp@) ~ ieee80211_node.c ~ ieee80211_node.h TAGGED OPENBSD_5_9 > In 11n hostap mode, dynamically adjust HT protection settings based on > the presence of non-HT nodes in the node cache. > OpenBSD 11n APs will now disable HT protection if it is not necessary. > ok mpi@ (stsp@) netinet ~ ipsec_input.c > Some refactoring in ip6_input() needed to un-KERNEL_LOCK() the IPv6 > forwarding path. > Rename ip6_ours() in ip6_local() as this function dispatches packets > to the upper layer. > Introduce ip6_ours() and get rid of 'goto hbhcheck'. This function > will be later used to enqueue local packets. > As a bonus this reduces differences with IPv4. > Inputs and ok bluhm@ (mpi@) ~ in_proto.c > Convert domain declarations to C99 initializers. > ok dhill@, florian@, bluhm@ (mpi@) ~ ip_var.h ~ raw_ip.c > Convert the variable argument list of the pr_output functions to > fixed parameters. > OK mpi@ claudio@ dhill@ (bluhm@) netinet6 ~ ip6_input.c ~ ip6_var.h > Some refactoring in ip6_input() needed to un-KERNEL_LOCK() the IPv6 > forwarding path. > Rename ip6_ours() in ip6_local() as this function dispatches packets > to the upper layer. > Introduce ip6_ours() and get rid of 'goto hbhcheck'. This function > will be later used to enqueue local packets. > As a bonus this reduces differences with IPv4. > Inputs and ok bluhm@ (mpi@) ~ in6_proto.c > Convert domain declarations to C99 initializers. > ok dhill@, florian@, bluhm@ (mpi@) ~ icmp6.c > Use the routing table rather than the global list of IPv6 address. > ok bluhm@ (mpi@) ~ nd6.c > Prefer the global list of interfaces to the dying global list of IPv6 > addresses in nd6_timer(). > ok bluhm@ (mpi@) ~ nd6_rtr.c > Iterate over the global list of interfaces instead of using the global > list of IPv6 addresses. > ok bluhm@ (mpi@) ~ nd6.c > Iterate over the global list of interfaces instead of using the global > list of IPv6 addresses. > ok bluhm@ (mpi@) ~ icmp6.c > Replace a panic with a compile time assert in icmp6_reflect(). > OK mpi@ (bluhm@) ~ ip6_var.h ~ raw_ip6.c > Convert the variable argument list of the pr_output functions to > fixed parameters. > OK mpi@ claudio@ dhill@ (bluhm@) netmpls ~ mpls.h ~ mpls_input.c ~ mpls_proto.c ~ mpls_raw.c > Retire the AF_MPLS protosw struct. Nothing is using it and the code was > super > basic anyway. Simplifies the code a lot also by calling the mpls sysctl no > longer via the protosw but instead directly. > OK mpi@ on a previous diff. Also tested by renato@ who actually found a bug > which is now fixed. (claudio@) ~ mpls.h > Remove mpls_raw_usrreq() prototype, that function is gone. (claudio@) ~ mpls_input.c > Allow MPLS switching and VPLS across rdomains. > OK claudio@ mpi@ (renato@) ~ mpls_proto.c > Convert domain declarations to C99 initializers. > ok dhill@, florian@, bluhm@ (mpi@) nfs ~ nfs_socket.c > Prevent a recursion in the socket layer. > Always defere soreceive() to an nfsd(8) process instead of doing it in > the 'softnet' thread. Avoiding this recursion ensure that we do not > introduce a new sleeping point by releasing and grabbing the netlock. > Tested by many, committing now in order to find possible performance > regression. (mpi@) stand ~ efi/include/efidevp.h > Update header to clean up defines, add the SATA device path and the > EFI_DEVICE_PATH_TO_TEXT_PROTOCOL protocol. > ok yasuoka@ (patrick@) sys ~ sysctl.h > Retire the AF_MPLS protosw struct. Nothing is using it and the code was > super > basic anyway. Simplifies the code a lot also by calling the mpls sysctl no > longer via the protosw but instead directly. > OK mpi@ on a previous diff. Also tested by renato@ who actually found a bug > which is now fixed. (claudio@) ~ buf.h > Switch geteblks()'s size argument from int to size_t. It's called with > unsigned variables as argument in most places anyway. Decrease the > chance of signedness/range mismatch issues. > ok stefan (natano@) ~ protosw.h > Convert the variable argument list of the pr_output functions to > fixed parameters. > OK mpi@ claudio@ dhill@ (bluhm@) ~ param.h > crank to 6.1-beta (deraadt@) ~ proc.h > We've fixed PID handling, so update the comment describing ps_mainproc > (guenther@) uvm ~ uvm_extern.h ~ uvm_unix.c > Generating a coredump requires walking the map twice; change > uvm_coredump_walkmap() to do both with a callback in between > so it can hold locks/change state across the two. > ok stefan@ (guenther@) ~ uvm_unix.c > Handle unshared amaps in uvm_coredump_walkmap() such that untouched pages > don't get written out to the core file but rather are represented via > segments which have memory size greater than their file size. This shrinks > core files and eliminates a case where core dumping fails with EFAULT. > This can still happen in the shared amap case. > Based on a problem report from (and testing by) semarie@ > ok stefan@ (guenther@) == usr.bin =========================================================== 09/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin dc ~ bcode.c ~ inout.c > Move away from BN_zero, the one returning an int is deprecated and the > new one is a void function. From Daniel Cegielka. (otto@) ftp ~ fetch.c > Use a do{}while loop with ssize_t return value when calling tls_read() > problem noted by and ok jsg@ (guenther@) ~ fetch.c > close ftp(1)'s output file to avoid leaking one FD per request. > ok deraadt (sthen@) mandoc ~ roff.c > Fix previous: do not access the byte before the string if the string > is empty; found by jsg@ with afl(1). (schwarze@) ~ mansearch.c > A missing initialization could randomly cause regular expression > searches to be case-insensitive that ought to be case sensitive. > Found by jsg@ with scan-build. (schwarze@) ~ mandocdb.c > Fix a copy-and-paste error that caused man(7) manuals without > a section number in .TH to be misinterpreted as preformatted. > Found by jsg@ with cppcheck. (schwarze@) ~ man.c ~ mdoc.c ~ mdoc_html.c ~ roff.c > remove a few redundant conditions that jsg@ found with cppcheck (schwarze@) ~ Makefile ~ main.c ~ main.h ~ mandoc.1 + mdoc_markdown.c > new -mdoc -Tmarkdown output mode; OK millert@ reyk@ tb@; > thanks to reyk@ and to Vsevolod at FreeBSD for suggesting it (schwarze@) ~ mdoc_argv.c > Markdown output mode helped us to find the first parser bug (as such, > this bug could cause wrong output in other modes as well): > Do not misinterpret tab characters as .Ta macros when they appear > on non-column .It lines in non-column .Bl lists that are nested > inside a parent .Bl -column list. (Admittedly, such constructions > are not very useful; don't use them!) > Found by tb@ with afl(1) because the resulting tree corruption > triggered an assertion in the markdown output module. (schwarze@) ~ mandoc.1 > Make the description of -K autodetection easer to understand. > Basic idea suggested by jmc@, OK jmc@. (schwarze@) ~ mdoc_man.c ~ mdoc_markdown.c > Remove a redundant condition in .%T handling, no functional change. > Found by jsg@ with scan-build. (schwarze@) ssh ~ ssh_config.5 > errant dot; from klemens nanni (jmc@) ~ packet.c > small memleak: free fd_set on connection timeout (though we are heading to > exit anyway). From Tom Rix in bz#2683 (djm@) ~ ssh-keygen.c > fix ssh-keygen -H accidentally corrupting known_hosts that contained > already-hashed entries. HKF_MATCH_HOST_HASHED is only set by > hostkeys_foreach() when hostname matching is in use, so we need to look > for the hash marker explicitly. (djm@) tmux ~ cmd-split-window.c ~ tmux.h ~ window.c > If splitw -b is used, insert the new pane before the current one in the > pane list. This means the numbering is in order (for example for > display-panes) and fixes a problem with redrawing the active pane > borders. (nicm@) units ~ units.lib > update currency exchange rates; (jmc@) == usr.sbin ========================================================== 10/10 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin bgpd ~ pfkey.c > Fix breakage of md5 authentication. > The previous commit (rev 1.47) added a missing htonl in pfkey_send() but > didn't add a corresponding ntohl in pfkey_reply(). This patch fixes this. > Found the hard way by benno@, who also suggested the rename of spip > to spi. > OK benno@ claudio@ henning@ (renato@) crunchgen ~ crunchgen.c > Make object-in-archive-used identification portable to lld: use --trace > instead of -M and transform the output to a common > /path/to/archive.a(object.o) > syntax. > problem noted by jsg@ > ok kettenis@ jsg@ (guenther@) ldapd ~ ldapd.c > move up getpid() and getpwnam(LDAP USER) checks > to fail earlier and also make them consistent with > other daemons. > while here: > - fix getpwnam(LDAPD_USER) errx() > - no need to skip_chroot > ok jmatthew@ (gsoares@) ~ imsgev.c ~ imsgev.h > add missing rcsid (gsoares@) ~ evbuffer_tls.c > Internally libssl uses 16k buffer, the libevent TLS wrapper uses > 4k read buffer. This can hang ldapd(8). Setting both to 16k > improves the situation. > report Seiya Kawashima; feedback Robert Klein; test and OK gsoares@ > (bluhm@) ldpd ~ control.c ~ control.h ~ ldpd.8 ~ ldpd.c ~ ldpd.h ~ ldpe.c ~ ldpe.h > Allow to specify an alternate control socket. > This is required to run multiple instances of ldpd. > OK claudio@ (renato@) ~ interface.c ~ kroute.c ~ ldpd.c ~ ldpd.conf.5 ~ ldpd.h ~ parse.y ~ printconf.c > Allow to run on a non-default rdomain. > OK claudio@ (renato@) ~ interface.c ~ kroute.c ~ labelmapping.c ~ lde.c ~ lde.h ~ lde_lib.c ~ ldp.h ~ ldpe.c ~ parse.y > Minor tweaks. (renato@) ~ address.c ~ init.c ~ labelmapping.c ~ ldpe.h ~ notification.c ~ packet.c > Kill send_notification_nbr(). > Be more clever and trigger the PDU SENT event inside send_notification() > when tcp->nbr is set. This way we can eliminate send_notification_nbr() > and always use send_notification() instead. (renato@) ~ notification.c > Provide more detailed output when logging notification messages. (renato@) ~ address.c ~ labelmapping.c ~ notification.c > Create helper functions to log sent/received messages. (renato@) ~ address.c > Send correct status code on error condition. > The Unknown TLV status code is reserved for cases where we don't know > how to process a given TLV and its Unknown TLV bit is not set. > In the case of Address Messages, the Address List TLV is mandatory and > should appear before any optional TLV in the message. If that doesn't > happen the correct status notification to send is "Missing Message > Parameters" (non-fatal error). > Also, add a missing htons when creating an Address List TLV. Since the > value of TLV_TYPE_ADDRLIST is 0x0101 this missing htons wasn't noticed > earlier. (renato@) ~ ldp.h > The PW Status is an unknown TLV. > Without this fix, any LDP speaker that doesn't implement RFC 4447 will > shut down the session upon receipt of a PWid Label Mapping (unless the > use of the PW-Status TLV is disabled via configuration). (renato@) ~ lde_lib.c > Fix processing of Label Withdraw messages. > Whenever we receive a Label Withdraw message with an optional Label > TLV, we should check if this label matches the label previously > received from this neighbor for this FEC. If they don't match then we > shouldn't uninstall the previous label from the kernel. This fixes a > misinterpretation from the "Receive Label Withdraw" algorithm described > in the A.1.5 section of RFC 5036. > Also, simplify the check of pending withdraws in lde_check_release() > and lde_check_release_wcard(). (renato@) ~ l2vpn.c ~ lde.c ~ lde.h ~ lde_lib.c ~ logmsg.c > Implement support for PWid group wildcards. > This was missing from our original RFC 4447 VPLS implementation. Now > ldpd understands group wildcards as mandated by the RFC, but we still > don't send them ourselves. I can't see any case in which sending a group > wildcard would be useful, but nonetheless this patch provides a function > called lde_send_labelwithdraw_pwid_wcard() which is ready to be used in > the future anytime we feel like it might be useful. (renato@) ~ init.c ~ labelmapping.c ~ ldp.h ~ ldpd.8 ~ ldpd.h ~ ldpe.h ~ logmsg.c ~ notification.c ~ packet.c > Implement RFC 5561 (LDP Capabilities). > This patch per-se doesn't introduce any useful functionality, but prepares > the ground for new enhancements to ldpd (i.e. implementation of new RFCs > that make use of LDP capabilities). (renato@) ~ init.c ~ labelmapping.c ~ lde.c ~ lde.h ~ lde_lib.c ~ ldp.h ~ ldpd.8 ~ ldpd.h ~ ldpe.h ~ logmsg.c > Implement RFC 5918 (Typed Wildcard FEC). (renato@) ~ l2vpn.c ~ labelmapping.c ~ lde.c ~ lde.h ~ lde_lib.c ~ ldp.h ~ ldpd.8 ~ ldpd.h ~ logmsg.c > Implement RFC 6667 (Typed Wildcard FEC for PWid). (renato@) ~ init.c ~ labelmapping.c ~ lde.c ~ lde.h ~ lde_lib.c ~ ldp.h ~ ldpd.8 ~ ldpe.h ~ logmsg.c ~ neighbor.c ~ notification.c > Implement RFC 5919 (LDP End-of-LIB). (renato@) ~ address.c > Fix parsing of optional tlvs in address messages. > We were aborting the session upon receipt of MAC Address Withdrawal > messages. Now make the parser aware that optional TLVs are possible in > address messages. (renato@) ~ address.c ~ kroute.c ~ l2vpn.c ~ lde.h ~ ldp.h ~ ldpd.h ~ ldpe.c ~ ldpe.h > Send VPLS MAC withdrawals. > RFC 4762 says that MAC address withdrawal messages can be used to > improve convergence time in VPLS networks. This patch makes ldpd send > MAC withdrawals whenever a non-pseudowire interface pertaining to a > VPLS goes down. The processing of received MAC withdrawals will be > implemented later. (renato@) ntpd ~ util.c > *nargv[] holds an array of pointers, so it should be > terminated by a null pointer. > ok rzalamena@ reyk@ (gsoares@) pcidump ~ Makefile > build pcidump on arm64 (jsg@) pkg_add ~ OpenBSD/AddDelete.pm ~ OpenBSD/PkgAdd.pm ~ OpenBSD/PkgDelete.pm ~ OpenBSD/PkgSign.pm > framework for some performance stats as a -V... option (like how much > of a package you actually downloaded, or how many packages you touch) > okay aja@ (espie@) ~ Makefile ~ pkg_add.1 ~ pkg_create.1 ~ pkg_delete.1 ~ pkg_info.1 ~ OpenBSD/State.pm > Remove support for pkg.conf in light of the consolidation towards > a single configuration file for the OpenBSD repository location. > The pkg_* tools now use installurl(5) to find the package repository. > NOTE: > /etc/installurl only contains a single URL pointing to a mirror. > Use the PKG_PATH environment variable to specify more than one > package repository. > prodded by and OK deraadt@ aja@ (rpe@) ~ OpenBSD/AddDelete.pm ~ OpenBSD/PackageLocator.pm ~ OpenBSD/PkgSign.pm ~ OpenBSD/State.pm ~ OpenBSD/ProgressMeter/Term.pm > scrape most of the config framework > okay aja@, rpe@ (espie@) ~ OpenBSD/Paths.pm > Remove pkg.conf leftover. > OK espie@ (rpe@) ~ OpenBSD/Add.pm ~ OpenBSD/PackingElement.pm > pass @sysctl into old stuff > okay sthen@ (espie@) ~ pkg_create.1 ~ pod/OpenBSD::PackingElement.pod > spring cleanup, remove sysctl from doc, and finally gc some older > annotations > which don't even exist in the PackingElement hierarchy anymore. (espie@) ~ pod/OpenBSD::PackingElement.pod > Remove a "=over 4" after the corresponding "=back" has been removed > in the previous commit. Makes pod2man compile again. (bluhm@) relayd ~ relayd.conf.5 > update an example in the relayd.conf manpage, that was not converted > to the new syntax 2 years ago. Found by Michael W. Lucas, thanks! > ok tb@ (benno@) syslogd ~ evbuffer_tls.c > Internally libssl uses 16k buffer, the libevent TLS wrapper uses > 4k read buffer. This can hang ldapd(8). Setting both to 16k > improves the situation. > report Seiya Kawashima; feedback Robert Klein; test and OK gsoares@ > (bluhm@) tcpdump ~ print-domain.c > Print the DNSSEC OKAY flag as "DO", like in upstream tcpdump > ok florian@ (jca@) ~ print-802_11.c > Make tcpdump show HT protection settings consistently. Previously, nothing > was displayed if HT protection was disabled. Now it displays as "htprot > none". > ok sthen@ (stsp@) unbound ~ Makefile.in > Use mkdir -p instead of install -d to create the obj/util directory. > The latter defaults to 755, which doesn't play nicely with BUILDUSER. > Problem reported by jmc and Jan Stary; tested by myself and jmc. > ok ajacoutot (tb@) vmctl ~ vmctl.c > Use fmt_scaled(3) in vmctl status output to print curmem/maxmem > This matches the accepted input in vmctl start and vm.conf that > supports using M, G, T etc. instead of a hardcoded MB. It also allows > to shrink the column size as the unit will be scaled automatically. > OK mlarkin@ (reyk@) ~ main.c ~ vmctl.c > Add "owner" option to set a user/group ownership for pre-configured VMs > This allows matching users to start or stop VMs that they "own" and to > access the console accordingly. > OK mlarkin@ (reyk@) ~ main.c ~ vmctl.c ~ vmctl.h > unbreak vmctl build by renaming a function that now conflicts with > something from vmd.h . Temporary fix until the original committer can > fix it the way he desires. (mlarkin@) ~ main.c ~ vmctl.c ~ vmctl.h > Rename start_vm_complete to vm_start_complete for consistency. (reyk@) ~ vmctl.c > Undefined behavior: Variable 'user' was used as parameter and > destination in snprintf(). Use a temporary variable instead. > Found and OK by jsg@ (reyk@) vmd ~ control.c > Add size checks for imsg received over the control socket. > Additionally, make sure that vmd never fatal()s when receiving an > invalid imsg from an arbitrary user over the control socket. > OK gilles@ (reyk@) ~ config.c ~ vmd.c ~ vmd.h > Replace openpty(3) with local function that uses pre-opened /dev/ptm fd > This allows more flexibility for upcoming changes and better pledge. > We also didn't use half of the features of libutil's openpty function. > Additionally, make sure that the ttys are closed correctly on shutdown. > OK gilles@ (reyk@) ~ vm.conf.5 > Sort vm.conf(5) config options alphabetically > OK mlarkin@ (reyk@) ~ config.c ~ control.c ~ parse.y ~ vm.conf.5 ~ vmd.c ~ vmd.h > Add "owner" option to set a user/group ownership for pre-configured VMs > This allows matching users to start or stop VMs that they "own" and to > access the console accordingly. > OK mlarkin@ (reyk@) ~ vm.conf.5 > tweak previous; ok reyk (jmc@) ~ Makefile ~ vmd.h ~ vmm.c + vm.c > Split vmm.c into two files: vm.c for the VM child, vmm.c for the parent > As discussed with mlarkin@, it makes it easier to maintain the file. > OK mlarkin@ (reyk@) ~ config.c ~ parse.y ~ priv.c ~ virtio.c ~ virtio.h ~ vm.c ~ vm.conf.5 ~ vmd.c ~ vmd.h > Add "locked lladdr" option to prevent VMs from spoofing MAC addresses. > This is especially useful when multiple VMs share a switch, the > implementation is independent from the underlying switch or bridge. > no objections mlarkin@ (reyk@) =============================================================================== _______________________________________________ owc mailing list [email protected] http://www.squish.net/mailman/listinfo/owc
