OpenBSD src changes summary for 2017-03-05 to 2017-03-12 inclusive ==================================================================
bin/pax distrib/arm64 distrib/miniroot distrib/sets etc/root/root.mail etc/signify/openbsd-62-pkg.pub gnu/usr.bin/binutils-2.17 include/Makefile include/bsd_auth.h include/pwd.h include/stdlib.h include/struct.h include/unistd.h lib/libc lib/libssl lib/libutil regress/lib regress/sys regress/usr.bin sbin/dhclient sbin/ifconfig sbin/sysctl share/locale share/man sys/arch/amd64/amd64 sys/arch/amd64/conf sys/arch/amd64/include sys/arch/arm/arm sys/arch/arm/cortex sys/arch/arm64/arm64 sys/arch/arm64/conf sys/arch/arm64/include sys/arch/arm64/stand/efiboot sys/arch/armv7/armv7 sys/arch/armv7/conf sys/arch/armv7/exynos sys/arch/armv7/imx sys/arch/armv7/include sys/arch/armv7/stand/efiboot sys/arch/i386/i386 sys/arch/i386/include sys/arch/loongson/loongson sys/arch/luna88k/cbus sys/arch/macppc/dev sys/arch/sgi/hpc sys/arch/sparc64/sparc64 sys/dev sys/dev/acpi sys/dev/fdt sys/dev/hid sys/dev/hil sys/dev/ic sys/dev/mii sys/dev/ofw sys/dev/pci sys/dev/pckbc sys/dev/pv sys/dev/usb sys/dev/wscons sys/kern sys/net sys/net80211 sys/netinet sys/netinet6 sys/sys sys/uvm usr.bin/doas usr.bin/ftp usr.bin/lastcomm usr.bin/mandoc usr.bin/nc usr.bin/netstat usr.bin/signify usr.bin/ssh usr.bin/tmux usr.sbin/httpd usr.sbin/pkg_add usr.sbin/relayd usr.sbin/switchd usr.sbin/sysmerge usr.sbin/tcpdump == bin =============================================================== 01/12 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin pax ~ ar_io.c ~ pax.c > switch pax to using pledge tape instead of ioctl. > ok kettenis (tb@) == distrib =========================================================== 02/12 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib arm64 ~ ramdisk/install.md > copy rpi3 u-boot to the installed disk > Even though this can't be the SD card at the moment, it is possible to > boot off USB if an OTP bit has been set. (jsg@) ~ miniroot/Makefile ~ ramdisk/install.md > The SoftIron OverDrive 3000 boots to an EFI shell. Create a startup.nsh > file on the ESP to explicitly load bootaa64.efi so it will load without > manual intervention. > Suggested by patrick@ verified by deraadt@ ok kettenis@ > The partition type of the ESP remains 0x0c rather than 0xef as it > should be as otherwise the rpi3 won't boot. The AMI EDK2 based UEFI > on the other hand can handle the ESP partition type being 0x0c or 0xef. > (jsg@) miniroot ~ install.sub > Stop using and copying the on-disk /etc/hosts file to the bsd.rd > /tmp dir during upgrade. > Create and use a minimal hosts file instead to avoid that a big > hosts file fills up the small bsd.rd / filesystem as reported > recently by Ted Roby. > Note that network interface configuration using hostnames instead > of ip addresses in hostname.if(5) relies on the on-disk /etc/hosts > file which is not used anymore during upgrade. > discussed with many > ok tb@, halex@ > 'sure' deraadt@ (rpe@) ~ install.sub > Localize the 'hn' and 'if' variables in enable_network(). > Document why renaming the 'if' variable in ifstart() is not allowed. > OK tb@, krw@ (rpe@) ~ install.sub > Always create the installurl(5) file during installation and upgrade > if it does not yet exist. Before it was created only when a mirror > server was used. > suggested by deraadt@ > OK halex@ tb@ (rpe@) ~ install.sub > Explain more accurately why to remember the sets location. > noted by tb@ (rpe@) ~ install.sub > Search case-insensitive for HTTP_SERVER in the ftplist.cgi output. > This ensures that ftp.OpenBSD.org is detected as mirror if > ftp.openbsd.org is specified as set location. > noticed by tj@ > joint work with and OK tb@ (rpe@) ~ install.sub > In a scenario, where the distribution sets are fetched from a mirror > and the siteXX.tgz file is fetched from a local server, ensure that > the mirror server ends up in /etc/installurl. > joint work with and OK tb@ (rpe@) ~ install.sub > Add a comment why INSTALL_MIRROR must not become a local variable > although it's only used in install_http() now. (rpe@) ~ makeconf.awk > link libraries in a more canonical form (libc at the end) (deraadt@) sets ~ lists/base/mi > sync (deraadt@) ~ lists/comp/mi > sync (deraadt@) ~ lists/comp/mi > <struct.h> is unused and should not be used. Delete it. > ok millert@ deraadt@ kettenis@ (guenther@) == etc =============================================================== 03/12 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc root/root.mail ~ root/root.mail > bump one more 2016 (tb@) signify/openbsd-62-pkg.pub + signify/openbsd-62-pkg.pub > 6.2 key for future packages (naddy@) == gnu =============================================================== 04/12 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu usr.bin/binutils-2.17 ~ Makefile.bsd-wrapper > Go back to only specifying --target when building cross. > The OpenBSD triple includes the OpenBSD version. When this recently > changed binutils started building prefixed tools when moving to a new > OpenBSD version which isn't what we want. > ok kettenis@ (jsg@) == include =========================================================== 05/12 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/include Makefile ~ Makefile > <struct.h> is unused and should not be used. Delete it. > ok millert@ deraadt@ kettenis@ (guenther@) bsd_auth.h ~ bsd_auth.h > As per style.9, prototypes should not have variable names associated > with the types. > OK jca@ (fcambus@) pwd.h ~ pwd.h > As per style.9, prototypes should not have variable names associated > with the types. > OK jca@ (fcambus@) stdlib.h ~ stdlib.h > Introducing recallocarray(3), a blend of calloc(3) and reallocarray(3) > with the added feature that released memory is cleared. Much input from > various > developers. ok deraadt@ tom@ (otto@) struct.h - struct.h > <struct.h> is unused and should not be used. Delete it. > ok millert@ deraadt@ kettenis@ (guenther@) unistd.h ~ unistd.h > As per style.9, prototypes should not have variable names associated > with the types. > OK jca@ (fcambus@) == lib =============================================================== 06/12 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libc ~ net/inet_net_pton.c > Pull in a change from the bind 8 resolver that fixes a potential > crash when given a large hex number as part of the dotted quad. > OK deraadt@ jsg@ (millert@) ~ net/inet_net_pton.c > size is unsigned so using ==0 not <=0 when checking for buffer exhaustion > (millert@) ~ Symbols.list ~ hidden/stdlib.h ~ stdlib/Makefile.inc ~ stdlib/malloc.3 + stdlib/recallocarray.c > Introducing recallocarray(3), a blend of calloc(3) and reallocarray(3) > with the added feature that released memory is cleared. Much input from > various > developers. ok deraadt@ tom@ (otto@) ~ shlib_version > recallocarray bump (otto@) ~ stdlib/malloc.3 > Some tweaks from jmc@ and describe better what recallocarray does; > help and ok from tom@ and deraadt@ (otto@) ~ termios/tcsetpgrp.3 > If tcsetpgrp() is called by a background process and there is a > SIGTTOU handler installed without SA_RESTART set, tcsetpgrp() will > return -1 and set errno to EINTR. OK deraadt@ (millert@) ~ arch/aarch64/gen/setjmp.S > Correct arm64 sigprocmask parameter passing in setjmp/longjmp calls. > Always return nonzero as the return code from longjmp. > ok guenther@ patrick@ (drahn@) ~ sys/mmap.2 ~ sys/mprotect.2 > repair Xr, and point to sysctl(8) instead because sysctl(3) fails to > document kern.wxabort > from michael reed (deraadt@) ~ sys/mmap.2 ~ sys/mprotect.2 > shuffle back: wxabort is described in sysctl(3); (jmc@) libssl ~ d1_srvr.c ~ ssl_both.c ~ ssl_clnt.c ~ ssl_srvr.c > Convert various handshake message generation functions to CBB. > ok beck@ inoguchi@ (jsing@) ~ Makefile ~ s3_lib.c ~ ssl_ciph.c ~ ssl_clnt.c ~ ssl_locl.h ~ ssl_srvr.c ~ t1_enc.c + t1_hash.c > Provide a rolling handshake hash that commences as soon as the cipher > suite has been selected, and convert the final finish MAC to use this > handshake hash. > This is a first step towards cleaning up the current handshake > buffer/digest code. > ok beck@ inoguchi@ (jsing@) ~ ssl_packet.c > Correctly convert an SSLv2 challenge into an SSLv3/TLS client random by > truncating or left zero padding. > ok beck@ inoguchi@ sthen@ (jsing@) ~ t1_enc.c > Clean up and simplify the tls1_PRF() implementation now that we have a > single EVP MD for the PRF hash. > ok beck@ inoguchi@ (jsing@) ~ t1_enc.c > Correctly handle TLS PRF with MD5+SHA1 - the secret has to be partitioned > and each hash processed separately. > Tested by tb@ (jsing@) ~ t1_enc.c > Make tls1_PRF() non-static so it can be regress tested. (jsing@) ~ t1_enc.c > First pass at cleaning up the tls1_P_hash() function - remove a pointless > EVP_DigestSignInit() call and avoid the need for ctx_tmp by reordering the > code slightly. > ok inoguchi@ (jsing@) ~ bs_cbb.c > Switch CBB to use recallocarray() - this ensures that we do not leak > secrets via realloc(). > ok inoguchi@ (jsing@) ~ d1_srvr.c ~ s3_lib.c ~ ssl_ciph.c ~ ssl_clnt.c ~ ssl_locl.h ~ ssl_srvr.c ~ t1_enc.c > Remove the handshake digests and related code, replacing remaining uses > with the handshake hash. For now tls1_digest_cached_records() is retained > to release the handshake buffer. > ok beck@ inoguchi@ (jsing@) libutil ~ fmt_scaled.c > fix signed integer overflow in scan_scaled. Found by Nicolas Iooss > using AFL against ssh_config. ok deraadt@ millert@ (djm@) == regress =========================================================== 07/12 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib ~ libssl/Makefile + libssl/server/Makefile + libssl/server/servertest.c > Add an initial regress test that covers the server-side of libssl, by > providing SSL_accept() with fixed ClientHello messages. (jsing@) ~ libcrypto/hmac/hmactest.c > Use an unsigned loop variable to avoid a comparison between signed > and unsigned. Makes the test compile again. > OK inoguchi@ (bluhm@) ~ libtls/gotls/tls.go > We no longer need to keep pointers following tls_config_set_*() calls. > (jsing@) ~ libtls/gotls/tls.go > libtls errors are much more descriptive these days - return them directly > and avoid adding redundant/duplicate information. (jsing@) ~ libtls/gotls/tls.go ~ libtls/gotls/tls_test.go > Add handling for errors on the TLS config and properly check/handle > failures when setting the CA file. (jsing@) ~ libtls/gotls/tls.go > Provide support for libtls protocols and allow for protocols to be set on > a TLS config. The ConnVersion function now also returns a protocol version > instead of a string. (jsing@) ~ libtls/gotls/tls.go > Allow ciphers to be set on the TLS config. (jsing@) ~ libtls/gotls/tls_test.go > Add a test that covers a libtls client talking to a Go TLS server with > varying minimum and maximum protocol versions. This gives us protocol > version test coverage against an independent TLS stack. (jsing@) ~ libc/asr/bin/res_query.c > missing include (eric@) ~ libc/asr/bin/res_query/Makefile ~ libc/asr/bin/res_mkquery/Makefile > remove bogus variable expansion (eric@) ~ libssl/unit/Makefile + libssl/unit/tls_prf.c > Add a unit test for tls1_PRF(). (jsing@) ~ libc/asr/Makefile ~ libc/asr/regress.sh ~ libc/asr/regress.subr > refresh the test infrastructure a bit. (eric@) sys ~ crypto/gmac/gmac_test.c > Add test vectors to regress gmac_test.c > ok mikeb@ (inoguchi@) ~ kern/fchdir/fchdir.c > fix comment block (deraadt@) ~ kern/wait/wait.c > don't use __syscall to emulate _exit, just call _exit (deraadt@) ~ kern/getpeereid/getpeereid_test.c ~ kern/nanosleep/nanosleep.c ~ kern/unixsock/unixsock_test.c > warning cleanups; ok guenther (deraadt@) ~ crypto/cmac/cmac_test.c > format string mishandling (deraadt@) usr.bin ~ mandoc/Makefile.inc ~ mandoc/Makefile.sub > Infrastructure for -T markdown tests. > This is needed because -T marksdown is expected to receive less > maintenance than -T ascii, so we need automation to make sure > that regular parser maintenance doesn't break this output mode. (schwarze@) ~ mandoc/mdoc/Ad/Makefile ~ mandoc/mdoc/Ap/Makefile ~ mandoc/mdoc/Aq/Makefile ~ mandoc/mdoc/Ar/Makefile ~ mandoc/mdoc/At/Makefile ~ mandoc/mdoc/Bl/Makefile ~ mandoc/mdoc/Brq/Makefile ~ mandoc/mdoc/Bx/Makefile ~ mandoc/mdoc/Cd/Makefile ~ mandoc/mdoc/Cm/Makefile ~ mandoc/mdoc/Dd/Makefile ~ mandoc/mdoc/Dl/Makefile ~ mandoc/mdoc/Dq/Makefile ~ mandoc/mdoc/Dt/Makefile ~ mandoc/mdoc/Dv/Makefile ~ mandoc/mdoc/Em/Makefile ~ mandoc/mdoc/Eo/Makefile ~ mandoc/mdoc/Er/Makefile ~ mandoc/mdoc/Ev/Makefile ~ mandoc/mdoc/Ex/Makefile ~ mandoc/mdoc/Fd/Makefile ~ mandoc/mdoc/Fl/Makefile ~ mandoc/mdoc/Fo/Makefile ~ mandoc/mdoc/Ft/Makefile ~ mandoc/mdoc/Ic/Makefile ~ mandoc/mdoc/In/Makefile ~ mandoc/mdoc/Lb/Makefile ~ mandoc/mdoc/Li/Makefile ~ mandoc/mdoc/Lk/Makefile ~ mandoc/mdoc/Ms/Makefile ~ mandoc/mdoc/Mt/Makefile ~ mandoc/mdoc/Nd/Makefile ~ mandoc/mdoc/Nm/Makefile ~ mandoc/mdoc/No/Makefile ~ mandoc/mdoc/Ns/Makefile ~ mandoc/mdoc/Oo/Makefile ~ mandoc/mdoc/Op/Makefile ~ mandoc/mdoc/Os/Makefile ~ mandoc/mdoc/Ox/Makefile ~ mandoc/mdoc/Pa/Makefile ~ mandoc/mdoc/Pf/Makefile ~ mandoc/mdoc/Pp/Makefile ~ mandoc/mdoc/Qq/Makefile ~ mandoc/mdoc/Rs/Makefile ~ mandoc/mdoc/Rv/Makefile ~ mandoc/mdoc/Sh/Makefile ~ mandoc/mdoc/Sm/Makefile ~ mandoc/mdoc/Sq/Makefile ~ mandoc/mdoc/St/Makefile ~ mandoc/mdoc/Sx/Makefile ~ mandoc/mdoc/Sy/Makefile ~ mandoc/mdoc/Tn/Makefile ~ mandoc/mdoc/Ud/Makefile ~ mandoc/mdoc/Ux/Makefile ~ mandoc/mdoc/Va/Makefile ~ mandoc/mdoc/Vt/Makefile ~ mandoc/mdoc/Xr/Makefile ~ mandoc/mdoc/blank/Makefile ~ mandoc/mdoc/break/Makefile + mandoc/mdoc/Ad/font.out_markdown + mandoc/mdoc/Ad/noarg.out_markdown + mandoc/mdoc/Ap/eos.out_markdown + mandoc/mdoc/Ap/middle.out_markdown + mandoc/mdoc/Aq/empty.out_markdown + mandoc/mdoc/Ar/font.out_markdown + mandoc/mdoc/Ar/punct.out_markdown + mandoc/mdoc/At/invalid.out_markdown + mandoc/mdoc/Bl/bareIt.out_markdown + mandoc/mdoc/Bl/bareTa.out_markdown + mandoc/mdoc/Bl/breakingTa.out_markdown + mandoc/mdoc/Bl/bullet.out_markdown + mandoc/mdoc/Bl/dash.out_markdown + mandoc/mdoc/Bl/diag.out_markdown + mandoc/mdoc/Bl/empty.out_markdown + mandoc/mdoc/Bl/emptyitem.out_markdown + mandoc/mdoc/Bl/enum.out_markdown + mandoc/mdoc/Bl/item.out_markdown + mandoc/mdoc/Bl/multitype.out_markdown + mandoc/mdoc/Bl/notype.out_markdown + mandoc/mdoc/Bl/ohang.out_markdown + mandoc/mdoc/Bl/unclosed.out_markdown + mandoc/mdoc/Brq/empty.out_markdown + mandoc/mdoc/Bx/args.out_markdown + mandoc/mdoc/Cd/eos.out_markdown + mandoc/mdoc/Cd/font.out_markdown + mandoc/mdoc/Cd/noarg.out_markdown + mandoc/mdoc/Cm/basic.out_markdown + mandoc/mdoc/Cm/font.out_markdown + mandoc/mdoc/Cm/noarg.out_markdown + mandoc/mdoc/Dd/badarg.out_markdown + mandoc/mdoc/Dd/dupe.out_markdown + mandoc/mdoc/Dd/late.out_markdown + mandoc/mdoc/Dd/long.out_markdown + mandoc/mdoc/Dd/manarg.out_markdown + mandoc/mdoc/Dd/order.out_markdown + mandoc/mdoc/Dl/spacing.out_markdown + mandoc/mdoc/Dq/empty.out_markdown + mandoc/mdoc/Dt/case.out_markdown + mandoc/mdoc/Dt/dupe.out_markdown + mandoc/mdoc/Dt/fourargs.out_markdown + mandoc/mdoc/Dt/late.out_markdown + mandoc/mdoc/Dt/missing.out_markdown + mandoc/mdoc/Dt/noarg.out_markdown + mandoc/mdoc/Dt/nobody.out_markdown + mandoc/mdoc/Dt/nosec.out_markdown + mandoc/mdoc/Dt/order.out_markdown + mandoc/mdoc/Dv/font.out_markdown + mandoc/mdoc/Dv/noarg.out_markdown + mandoc/mdoc/Em/font.out_markdown + mandoc/mdoc/Em/noarg.out_markdown + mandoc/mdoc/Em/punct.out_markdown + mandoc/mdoc/Eo/break.out_markdown + mandoc/mdoc/Eo/obsolete.out_markdown + mandoc/mdoc/Eo/unclosed.out_markdown + mandoc/mdoc/Er/font.out_markdown + mandoc/mdoc/Er/noarg.out_markdown + mandoc/mdoc/Ev/font.out_markdown + mandoc/mdoc/Ev/noarg.out_markdown + mandoc/mdoc/Ex/args.out_markdown + mandoc/mdoc/Ex/noname.out_markdown + mandoc/mdoc/Ex/nostd.out_markdown + mandoc/mdoc/Fd/break.out_markdown + mandoc/mdoc/Fd/eos.out_markdown + mandoc/mdoc/Fd/font.out_markdown + mandoc/mdoc/Fl/font.out_markdown + mandoc/mdoc/Fl/multiarg.out_markdown + mandoc/mdoc/Fl/noarg.out_markdown + mandoc/mdoc/Fl/punct.out_markdown + mandoc/mdoc/Fo/basic.out_markdown + mandoc/mdoc/Fo/break.out_markdown + mandoc/mdoc/Fo/eos.out_markdown + mandoc/mdoc/Fo/font.out_markdown + mandoc/mdoc/Fo/noarg.out_markdown + mandoc/mdoc/Fo/nohead.out_markdown + mandoc/mdoc/Fo/obsolete.out_markdown + mandoc/mdoc/Fo/punct.out_markdown + mandoc/mdoc/Fo/section.out_markdown + mandoc/mdoc/Fo/warn.out_markdown + mandoc/mdoc/Ft/font.out_markdown + mandoc/mdoc/Ic/font.out_markdown + mandoc/mdoc/Ic/noarg.out_markdown + mandoc/mdoc/In/eos.out_markdown + mandoc/mdoc/In/font.out_markdown + mandoc/mdoc/Lb/badargs.out_markdown + mandoc/mdoc/Lb/break.out_markdown + mandoc/mdoc/Lb/eos.out_markdown + mandoc/mdoc/Li/font.out_markdown + mandoc/mdoc/Li/punct.out_markdown + mandoc/mdoc/Lk/link.out_markdown + mandoc/mdoc/Lk/noarg.out_markdown + mandoc/mdoc/Ms/font.out_markdown + mandoc/mdoc/Ms/noarg.out_markdown + mandoc/mdoc/Mt/simple.out_markdown + mandoc/mdoc/Nd/hyph.out_markdown + mandoc/mdoc/Nd/noarg.out_markdown + mandoc/mdoc/Nd/par.out_markdown + mandoc/mdoc/Nm/break.out_markdown + mandoc/mdoc/Nm/broken.out_markdown + mandoc/mdoc/Nm/empty.out_markdown + mandoc/mdoc/Nm/font.out_markdown + mandoc/mdoc/Nm/long.out_markdown + mandoc/mdoc/Nm/par.out_markdown + mandoc/mdoc/Nm/parns.out_markdown + mandoc/mdoc/Nm/punct.out_markdown + mandoc/mdoc/No/punct.out_markdown + mandoc/mdoc/No/spacing.out_markdown + mandoc/mdoc/Ns/position.out_markdown + mandoc/mdoc/Ns/punct.out_markdown + mandoc/mdoc/Oo/punct.out_markdown + mandoc/mdoc/Op/break.out_markdown + mandoc/mdoc/Op/broken.out_markdown + mandoc/mdoc/Op/punct.out_markdown + mandoc/mdoc/Os/dupe.out_markdown + mandoc/mdoc/Os/late.out_markdown + mandoc/mdoc/Os/long.out_markdown + mandoc/mdoc/Os/missing.out_markdown + mandoc/mdoc/Ox/keep.out_markdown + mandoc/mdoc/Pa/font.out_markdown + mandoc/mdoc/Pa/punct.out_markdown + mandoc/mdoc/Pf/spacing.out_markdown + mandoc/mdoc/Pp/arg.out_markdown + mandoc/mdoc/Qq/empty.out_markdown + mandoc/mdoc/Rs/allch.out_markdown + mandoc/mdoc/Rs/args.out_markdown + mandoc/mdoc/Rs/break.out_markdown + mandoc/mdoc/Rs/empty.out_markdown + mandoc/mdoc/Rs/three_authors.out_markdown + mandoc/mdoc/Rv/args.out_markdown + mandoc/mdoc/Rv/nostd.out_markdown + mandoc/mdoc/Sh/badNAME.out_markdown + mandoc/mdoc/Sh/before.out_markdown + mandoc/mdoc/Sh/empty.out_markdown + mandoc/mdoc/Sh/emptyNAME.out_markdown + mandoc/mdoc/Sh/first.out_markdown + mandoc/mdoc/Sh/nohead.out_markdown + mandoc/mdoc/Sh/order.out_markdown + mandoc/mdoc/Sh/orderNAME.out_markdown + mandoc/mdoc/Sh/punctNAME.out_markdown + mandoc/mdoc/Sh/subbefore.out_markdown + mandoc/mdoc/Sm/badarg.out_markdown + mandoc/mdoc/Sm/noarg.out_markdown + mandoc/mdoc/Sm/spacing-No.out_markdown + mandoc/mdoc/Sm/spacing-Op.out_markdown + mandoc/mdoc/Sm/twoarg.out_markdown + mandoc/mdoc/Sq/empty.out_markdown + mandoc/mdoc/St/badargs.out_markdown + mandoc/mdoc/St/call.out_markdown + mandoc/mdoc/Sx/font.out_markdown + mandoc/mdoc/Sx/noarg.out_markdown + mandoc/mdoc/Sy/font.out_markdown + mandoc/mdoc/Sy/noarg.out_markdown + mandoc/mdoc/Sy/punct.out_markdown + mandoc/mdoc/Tn/font.out_markdown + mandoc/mdoc/Tn/noarg.out_markdown + mandoc/mdoc/Ud/arg.out_markdown + mandoc/mdoc/Ux/eos.out_markdown + mandoc/mdoc/Ux/spacing.out_markdown + mandoc/mdoc/Va/basic.out_markdown + mandoc/mdoc/Va/font.out_markdown + mandoc/mdoc/Va/noarg.out_markdown + mandoc/mdoc/Vt/child.out_markdown + mandoc/mdoc/Vt/font.out_markdown + mandoc/mdoc/Vt/noarg.out_markdown + mandoc/mdoc/Vt/spacing.out_markdown + mandoc/mdoc/Xr/args.out_markdown + mandoc/mdoc/blank/comment.out_markdown + mandoc/mdoc/blank/list.out_markdown + mandoc/mdoc/break/brokenbreaker.out_markdown + mandoc/mdoc/break/notopen.out_markdown + mandoc/mdoc/break/twice.out_markdown + mandoc/mdoc/break/two.out_markdown > first batch of -T markdown tests (schwarze@) ~ mandoc/mdoc/Rs/allch.out_markdown > URIs need different escaping; reported by reyk@ (schwarze@) ~ mandoc/mdoc/Nd/broken.out_lint > Using .Nd only makes sense in the NAME section. > Warn if that macro occurs elsewhere. > Triggered by a question from Dag-Erling Smoergrav <des @ FreeBSD>. > (schwarze@) ~ mandoc/mdoc/Fd/Makefile ~ mandoc/mdoc/In/Makefile + mandoc/mdoc/Fd/empty.out_markdown + mandoc/mdoc/In/break.out_markdown + mandoc/mdoc/In/noarg.out_markdown > Fix .In formatting in the SYNOPSIS: > No ‌ in the middle of **, please. (schwarze@) ~ mandoc/mdoc/An/Makefile ~ mandoc/mdoc/Aq/Makefile + mandoc/mdoc/An/break.out_markdown + mandoc/mdoc/Aq/author.out_markdown > implement .An -split and -nosplit (schwarze@) ~ mandoc/mdoc/Fl/Makefile ~ mandoc/mdoc/Fl/noarg.out_markdown + mandoc/mdoc/Fl/parsed.out_markdown > fix spacing after empty .Fl (schwarze@) ~ mandoc/mdoc/Eo/Makefile + mandoc/mdoc/Eo/empty.out_markdown > fix completely empty .Eo: no blank line wanted (schwarze@) ~ mandoc/mdoc/Bl/Makefile + mandoc/mdoc/Bl/inset.out_markdown > Escape blanks at the end of markdown lines > such that they don't look like output line breaks. (schwarze@) ~ mandoc/roff/de/Makefile + mandoc/roff/de/infinite.in + mandoc/roff/de/infinite.out_ascii + mandoc/roff/de/infinite.out_lint > If a user-defined macro is aborted because it exceeds the stack > limit, usually due to infinite recursion, discard whatever remains > in all those open stack levels. Otherwise, insane constructions > like the following could generate macros of enormous size, causing > mandoc(1) to die from memory exhaustion: > .de m \" original macro definition > .m \" recursion to blow up the stack > .de m \" definition to be run during the call of .m marked (*) > very long plain text (some kilobytes) > .m \" expand the above a thousand times while unwinding the stack > .. \" end of the original definition > .m \" (*) recursively generate a ridiculously large macro > .. \" end of recursively generated definition > .m \" execute the giant macro, exhausting memory > Very creative abuse found by tb@ with afl(1). (schwarze@) ~ mandoc/roff/de/infinite.in ~ mandoc/roff/de/infinite.out_ascii ~ mandoc/roff/de/infinite.out_lint > prevent infinite recursion while expanding the arguments > of a user-defined macro; issue found by tb@ with afl(1) (schwarze@) ~ mandoc/mdoc/Bd/Makefile ~ mandoc/mdoc/Bl/Makefile ~ mandoc/mdoc/D1/Makefile ~ mandoc/mdoc/Sm/Makefile ~ mandoc/mdoc/break/Makefile + mandoc/mdoc/Bd/badargs.out_markdown + mandoc/mdoc/Bd/beforeNAME.out_markdown + mandoc/mdoc/Bd/blank.out_markdown + mandoc/mdoc/Bd/break.out_markdown + mandoc/mdoc/Bd/broken.out_markdown + mandoc/mdoc/Bd/centered.out_markdown + mandoc/mdoc/Bd/empty.out_markdown + mandoc/mdoc/Bd/nested.out_markdown + mandoc/mdoc/Bd/offset-empty.out_markdown + mandoc/mdoc/Bd/offset-neg.out_markdown + mandoc/mdoc/Bd/spacing.out_markdown + mandoc/mdoc/Bd/unclosed.out_markdown + mandoc/mdoc/Bl/badargs.out_markdown + mandoc/mdoc/Bl/breakingIt.out_markdown + mandoc/mdoc/Bl/broken.out_markdown + mandoc/mdoc/Bl/emptyhead.out_markdown + mandoc/mdoc/Bl/emptytag.out_markdown + mandoc/mdoc/Bl/extend.out_markdown + mandoc/mdoc/Bl/hang.out_markdown + mandoc/mdoc/Bl/multitag.out_markdown + mandoc/mdoc/Bl/nested.out_markdown + mandoc/mdoc/Bl/noIt.out_markdown + mandoc/mdoc/Bl/offset.out_markdown + mandoc/mdoc/Bl/secstart.out_markdown + mandoc/mdoc/Bl/tag.out_markdown + mandoc/mdoc/D1/spacing.out_markdown + mandoc/mdoc/Sm/scope.out_markdown + mandoc/mdoc/break/tail.out_markdown > enable -T markdown tests of filled displays and tagged lists (schwarze@) ~ mandoc/mdoc/Bl/Makefile + mandoc/mdoc/Bl/colNoIt.out_markdown + mandoc/mdoc/Bl/column.out_markdown > .Bl -column never gets blank lines between rows (schwarze@) ~ mandoc/mdoc/Dv/font.out_markdown ~ mandoc/mdoc/Er/font.out_markdown ~ mandoc/mdoc/Ev/font.out_markdown ~ mandoc/mdoc/Li/font.out_markdown ~ mandoc/mdoc/Tn/font.out_markdown > According to the CommonMark specification, backslash escapes > and markdown markup do not work inside code spans. (schwarze@) ~ mandoc/Makefile.inc ~ mandoc/char/Makefile.inc ~ mandoc/eqn/Makefile.inc ~ mandoc/man/Makefile.inc ~ mandoc/mdoc/Ad/Makefile ~ mandoc/mdoc/An/Makefile ~ mandoc/mdoc/Ap/Makefile ~ mandoc/mdoc/Aq/Makefile ~ mandoc/mdoc/Ar/Makefile ~ mandoc/mdoc/At/Makefile ~ mandoc/mdoc/Bd/Makefile ~ mandoc/mdoc/Bf/Makefile ~ mandoc/mdoc/Bk/Makefile ~ mandoc/mdoc/Bl/Makefile ~ mandoc/mdoc/Brq/Makefile ~ mandoc/mdoc/Bx/Makefile ~ mandoc/mdoc/Cd/Makefile ~ mandoc/mdoc/Cm/Makefile ~ mandoc/mdoc/D1/Makefile ~ mandoc/mdoc/Db/Makefile ~ mandoc/mdoc/Dd/Makefile ~ mandoc/mdoc/Dl/Makefile ~ mandoc/mdoc/Dq/Makefile ~ mandoc/mdoc/Dt/Makefile ~ mandoc/mdoc/Dv/Makefile ~ mandoc/mdoc/Em/Makefile ~ mandoc/mdoc/Eo/Makefile ~ mandoc/mdoc/Er/Makefile ~ mandoc/mdoc/Ev/Makefile ~ mandoc/mdoc/Ex/Makefile ~ mandoc/mdoc/Fd/Makefile ~ mandoc/mdoc/Fl/Makefile ~ mandoc/mdoc/Fo/Makefile ~ mandoc/mdoc/Ft/Makefile ~ mandoc/mdoc/Ic/Makefile ~ mandoc/mdoc/In/Makefile ~ mandoc/mdoc/Lb/Makefile ~ mandoc/mdoc/Li/Makefile ~ mandoc/mdoc/Lk/Makefile ~ mandoc/mdoc/Ms/Makefile ~ mandoc/mdoc/Mt/Makefile ~ mandoc/mdoc/Nd/Makefile ~ mandoc/mdoc/Nm/Makefile ~ mandoc/mdoc/No/Makefile ~ mandoc/mdoc/Ns/Makefile ~ mandoc/mdoc/Oo/Makefile ~ mandoc/mdoc/Op/Makefile ~ mandoc/mdoc/Os/Makefile ~ mandoc/mdoc/Ox/Makefile ~ mandoc/mdoc/Pa/Makefile ~ mandoc/mdoc/Pf/Makefile ~ mandoc/mdoc/Pp/Makefile ~ mandoc/mdoc/Qq/Makefile ~ mandoc/mdoc/Rs/Makefile ~ mandoc/mdoc/Rv/Makefile ~ mandoc/mdoc/Sh/Makefile ~ mandoc/mdoc/Sm/Makefile ~ mandoc/mdoc/Sq/Makefile ~ mandoc/mdoc/St/Makefile ~ mandoc/mdoc/Sx/Makefile ~ mandoc/mdoc/Sy/Makefile ~ mandoc/mdoc/Tn/Makefile ~ mandoc/mdoc/Ud/Makefile ~ mandoc/mdoc/Ux/Makefile ~ mandoc/mdoc/Va/Makefile ~ mandoc/mdoc/Vt/Makefile ~ mandoc/mdoc/Xr/Makefile ~ mandoc/mdoc/blank/Makefile ~ mandoc/mdoc/break/Makefile ~ mandoc/roff/Makefile.inc ~ mandoc/tbl/Makefile.inc > Now that markdown output is tested for almost everything, test all > input files in -T markdown output mode by default and only mark > those files with SKIP_MARKDOWN that are not to be tested. > Much easier to read, and almost minus 40 lines of Makefile code. > (schwarze@) ~ mandoc/mdoc/Aq/author.out_markdown ~ mandoc/mdoc/Lk/noarg.out_markdown ~ mandoc/mdoc/Mt/simple.out_markdown ~ mandoc/mdoc/Rs/allch.out_markdown > In markdown, autolinks are dangerous. Different compilers disagree > with respect to what constitutes a valid autolink, and if a compiler > deems an autolink invalid, the input turns into an unintended and > potentially harmful raw HTML tag. So, never write autolinks. > Instead of <link>, write [link](link). > Instead of <addr>, write [addr](mailto:addr). > Issue pointed out by bentley@, who also agrees with the general > direction of the change. (schwarze@) ~ mandoc/eqn/define/Makefile + mandoc/eqn/define/infinite.in + mandoc/eqn/define/infinite.out_ascii + mandoc/eqn/define/infinite.out_lint > test infinite recursion in eqn(7) "define" statements (schwarze@) ~ ssh/cert-file.sh > regress tests for loading certificates without public keys; > bz#2617 based on patch from Adam Eijdenberg; ok markus@ dtucker@ (djm@) == sbin ============================================================== 08/12 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ dhclient.c ~ options.c ~ packet.c > Add comments to #endif's to allow easy differentiation between many > incoming #ifdef's. (krw@) ~ dhclient.c > Shuffle some declarations. Both more style(9)'ish and make future diff > smaller. (krw@) ~ dhclient.c > Split a declaration to make the later insertion of #ifdef easier. (krw@) ~ dhclient.c > Shuffle some functions around to group together functions that will > later be #ifdef'd in or out. (krw@) ~ kroute.c > Move ROUNDUP() to top of file, outside of warring #ifdef's to come. (krw@) ~ dhclient.c > Move a line of code to group together code that will be mediated > by #ifdef's. (krw@) ~ dispatch.c > Stray #endif w/o comment. (krw@) ~ privsep.c > Shuffle another bit of code closer to its friends. (krw@) ~ privsep.h > Shuffle, shuffle, shuffle. (krw@) ~ dhcpd.h > Shuffle, shuffle, shuffle. (krw@) ~ dhclient.c > Shuffle, shuffle, shuffle. (krw@) ifconfig ~ ifconfig.c > Make 'ifconfig scan' display AP encryption correctly if WEP is configured > on the local wifi interface. ifconfig was mistakenly showing the common > supported subset of client and AP, rather than showing the AP's > capabilities. > Exposes WPA protocol capabilities in struct ieee80211_nodereq, which means > ifconfig must be recompiled to run on a new kernel. > ok deraadt@ mpi@ (stsp@) ~ ifconfig.c > Make ifconfig scan display both wpa1 and wpa2 if both are supported. > ok henning@ phessler@ (stsp@) sysctl ~ sysctl.8 > Introduce a new knob to force the first USB keyboard as console input. > By setting "machdep.forceukbd=1" you can now use your USB keyboard in > ddb(4) even if your BIOS emulates a pckbd(4). > ok tom@, kettenis@, deraadt@ (mpi@) == share ============================================================= 09/12 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share locale ~ ctype/en_US.UTF-8.src > Update to unicode 8 > OK schwarze@ (afresh1@) man ~ man5/installurl.5 > Reflect the installer change in the manual page. (rpe@) ~ man5/hostname.if.5 > update the autoconfiguration section for ip6 to use "autoconf" rather > than "rtsol": the former is the new way to do things and showing two > ways to do this is just confusing; > ok bluhm (jmc@) ~ man4/ure.4 > Update for RTL8153 support. (kettenis@) ~ man1/clang-local.1 > Colour diagnostic messages are now disabled by default. (jsg@) == sys =============================================================== 10/12 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/amd64 ~ db_disasm.c > Teach the ddb disassembler about most of the vm* instructions > ok mlarkin@ (guenther@) ~ machdep.c > Disallow setting machdep.lidaction to any other value but [0,2]. > suggested by halex > ok deraadt millert (natano@) ~ mutex.S > Make the slow path similar to i386's by checking mutex owner > on every iteration. > OK mikeb@, kettenis@, mpi@, tom@, mlarkin@ (visa@) ~ mutex.S > Use the pause instruction on the slow path. This improves > performance a bit. > OK mikeb@, kettenis@, mpi@, tom@, mlarkin@ (visa@) ~ lock_machdep.c > Keep on trying to grab the lock after leaving ddb after lock spin-out. > This restores the behaviour that preceded ticket locks. The feature can > be useful in some debug cases where the system is not totally borken. > OK guenther@, dlg@, mpi@ (visa@) ~ machdep.c > Introduce a new knob to force the first USB keyboard as console input. > By setting "machdep.forceukbd=1" you can now use your USB keyboard in > ddb(4) even if your BIOS emulates a pckbd(4). > ok tom@, kettenis@, deraadt@ (mpi@) arch/amd64/conf ~ GENERIC > enable acpisbs (jcs@) arch/amd64/include ~ cpu.h > Introduce a new knob to force the first USB keyboard as console input. > By setting "machdep.forceukbd=1" you can now use your USB keyboard in > ddb(4) even if your BIOS emulates a pckbd(4). > ok tom@, kettenis@, deraadt@ (mpi@) arch/arm/arm ~ sig_machdep.c > Bring SROP mitigation to arm64. Make some small modifications to the arm > code as well to improve diffability. Changes the types used in the arm64 > "struct sigcontext" to avoid having to include <sys/types.h>. > ok deraadt@ (kettenis@) arch/arm/cortex ~ ampintc.c > Record the target mask for the boot CPU when we attach and use that to pick > the target CPU interface when establishing an interrupt. Makes interrupts > work on machines that boot up on a CPU that is attached to a CPU interface > that isn't zero. > Discussed with Dale Rahn. (kettenis@) arch/arm64/arm64 ~ intr.c > Establish API to route interrupts to specific CPU cores. > Based on and ok drahn@ (patrick@) ~ intr.c > Change the interrupt routing API to take a pointer to a "struct cpu_info" > instead of a cpu number. > ok patrick@ (kettenis@) ~ pmap.c > Simplify pmap_proc_iflush(); there is no need for the per-page logic if we > are flushing by using the virtual address. > ok jsg@ (kettenis@) ~ sig_machdep.c > Bring SROP mitigation to arm64. Make some small modifications to the arm > code as well to improve diffability. Changes the types used in the arm64 > "struct sigcontext" to avoid having to include <sys/types.h>. > ok deraadt@ (kettenis@) ~ cpufunc_asm.S > Add a "dsm ishst" barrier before TLB maintenance instructions. The ARMv8 > architecture reference manual says this is required (D4.7 under "Ordering > and completion of TLB maintenance instructions" to guarantee that the > translation table walk can observe previous store to the page tables. It > also has a note that says > In all cases in this section, where a DMB or DSB is referred to, it > refers to a DMB or DSB whose required access type is both loads and > stores. > But both Linux and FreeBSD use a Store-Store barrier here. > Sadly this doesn't fix the arm64 stability problems (or at least not all > of them). > ok patrick@ (kettenis@) arch/arm64/conf ~ GENERIC ~ RAMDISK > enable vioscsi(4) (jsg@) ~ GENERIC ~ RAMDISK > Enable em(4), ahci(4), nvme(4) and USB controllers attached to pci(4). > (patrick@) ~ GENERIC ~ RAMDISK > Enable ix(4). Requested by deraadt@ (jsg@) ~ GENERIC ~ RAMDISK > Enable re(4). (patrick@) ~ GENERIC ~ RAMDISK > Enable eephy(4). (patrick@) ~ GENERIC ~ RAMDISK > Enable msk(4). (patrick@) ~ GENERIC ~ RAMDISK > enable amphy(4) for udav(4) and urlphy(4) for url(4) (jsg@) arch/arm64/include ~ intr.h > Establish API to route interrupts to specific CPU cores. > Based on and ok drahn@ (patrick@) ~ intr.h > Change the interrupt routing API to take a pointer to a "struct cpu_info" > instead of a cpu number. > ok patrick@ (kettenis@) ~ pmap.h > Remove some unused cruft. > ok jsg@ (kettenis@) ~ signal.h > Bring SROP mitigation to arm64. Make some small modifications to the arm > code as well to improve diffability. Changes the types used in the arm64 > "struct sigcontext" to avoid having to include <sys/types.h>. > ok deraadt@ (kettenis@) arch/arm64/stand/efiboot ~ efiboot.c > Set EVT_NOTIFY_SIGNAL when calling boot services CreateEvent(). > The UEFI specification states this is required to have the notification > function called. U-Boot's EFI loader calls the notification function > without the flag set but the EDK2 implementation of UEFI requires the > flag. > With this change the timer ticks and autoboot works on the OverDrive > 3000. > ok kettenis@ (jsg@) arch/armv7/armv7 ~ platform.c > De-platformize exynos. Disable exdisplay(4) for now. (kettenis@) ~ platform.c > Unbreak the tree by removing the "exynos.h" include and associated > prototype. > Found the hard way by florian@ (kettenis@) ~ intr.c > Add interrupt routing API like we have on arm64. (kettenis@) ~ armv7_machdep.c > Lookup the /memory node again after we reinit the FDT. This makes adding > additional memory segments provided by the device tree actually work. > ok jsg@ (kettenis@) arch/armv7/conf ~ GENERIC > Turn exgpio(4) into a pinctrl driver. (kettenis@) ~ RAMDISK > match GENERIC (deraadt@) ~ GENERIC ~ RAMDISK > Attach exiic(4) using the FDT. (kettenis@) ~ GENERIC ~ RAMDISK > De-platformize exynos. Disable exdisplay(4) for now. (kettenis@) ~ files.armv7 > Provide access to our registers through the regmap interface. > ok patrick@ (kettenis@) ~ GENERIC ~ RAMDISK > Enable syscon(4) such that I can actually reboot the Odroid XU4. > ok patrick@ (kettenis@) ~ GENERIC ~ RAMDISK > Enable exrtc(4). (kettenis@) ~ GENERIC ~ RAMDISK > Enable exdwusb(4) and xhci(4). (kettenis@) ~ GENERIC ~ RAMDISK > Hook exclock(4) up to the clock framework using a dummy implementation that > prints the clock ids it is being called for. This allows us to identify > which clocks need to be implemented. > Attach early such that clocks are available when needed. (kettenis@) arch/armv7/exynos ~ exuart.c > The current code in exuartcnputc() that tries to make sure the character > written is actually transmitted doesn't seem to work. Instead, wait until > there is room in the TX FIFO before writing the character. This works only > in FIFO mode, but that's how u-boot configures the chip. > ok patrick@ (kettenis@) ~ exuart.c > Clear pending interrupts and mask them all. (kettenis@) - exgpiovar.h ~ exehci.c ~ exesdhc.c ~ exgpio.c ~ exiic.c ~ files.exynos > Turn exgpio(4) into a pinctrl driver. (kettenis@) - exiicvar.h ~ crosec.c ~ exiic.c ~ files.exynos ~ tps65090.c > Attach exiic(4) using the FDT. (kettenis@) - exynos.c - exynos4.c - exynos5.c ~ files.exynos > De-platformize exynos. Disable exdisplay(4) for now. (kettenis@) ~ exuart.c > Make this actually work as a tty. Everything except for the most basic > tx and rx functionality is still missing. (kettenis@) ~ exdog.c > Only set cpuresetfn if it isn't set already such that other reboot > mechanisms > (like psci or syscon) are preferred over letting the watchdog fire. > ok patrick@ (kettenis@) ~ expower.c > Provide access to our registers through the regmap interface. > ok patrick@ (kettenis@) ~ files.exynos + exdwusb.c > Add glue to attach xhci(4) on exynos. (kettenis@) - exynos_machdep.c > Missed this file in the deplatformization commit. (kettenis@) - expowervar.h ~ exehci.c ~ expower.c > Use regmap interface to power up the PHY block. (kettenis@) ~ exgpio.c > Hook up exgpio(4) to the gpio framework. (kettenis@) ~ exclock.c > Hook exclock(4) up to the clock framework using a dummy implementation that > prints the clock ids it is being called for. This allows us to identify > which clocks need to be implemented. > Attach early such that clocks are available when needed. (kettenis@) arch/armv7/imx ~ imxiic.c > Remove unused unit number from softc. (kettenis@) arch/armv7/include ~ intr.h > Add interrupt routing API like we have on arm64. (kettenis@) ~ vmparam.h > Set VM_PHYSSEG_MAX to 32 and use VM_PSTRAT_BSEARCH as the sort/search > option > like we do on macppc and sparc64. This makes our kernel recognize all the > memory on the Odroid XU4. > ok jsg@ (kettenis@) arch/armv7/stand/efiboot ~ efiboot.c > Set EVT_NOTIFY_SIGNAL when calling boot services CreateEvent(). > The UEFI specification states this is required to have the notification > function called. U-Boot's EFI loader calls the notification function > without the flag set but the EDK2 implementation of UEFI requires the > flag. > With this change the timer ticks and autoboot works on the OverDrive > 3000. > ok kettenis@ (jsg@) arch/i386/i386 ~ db_disasm.c > Teach the ddb disassembler about most of the vm* instructions > ok mlarkin@ (guenther@) ~ machdep.c > Disallow setting machdep.lidaction to any other value but [0,2]. > suggested by halex > ok deraadt millert (natano@) ~ mutex.S > Use the pause instruction on the slow path. This improves > performance a bit. > OK mikeb@, kettenis@, mpi@, tom@, mlarkin@ (visa@) ~ lock_machdep.c > Keep on trying to grab the lock after leaving ddb after lock spin-out. > This restores the behaviour that preceded ticket locks. The feature can > be useful in some debug cases where the system is not totally borken. > OK guenther@, dlg@, mpi@ (visa@) ~ trap.c > There are no compat emulations left so we never do errno mapping: > eliminate the last use of e_errno. > ok tom@ mpi@ kettenis@ visa@ (guenther@) ~ machdep.c > Introduce a new knob to force the first USB keyboard as console input. > By setting "machdep.forceukbd=1" you can now use your USB keyboard in > ddb(4) even if your BIOS emulates a pckbd(4). > ok tom@, kettenis@, deraadt@ (mpi@) arch/i386/include ~ cpu.h > Introduce a new knob to force the first USB keyboard as console input. > By setting "machdep.forceukbd=1" you can now use your USB keyboard in > ddb(4) even if your BIOS emulates a pckbd(4). > ok tom@, kettenis@, deraadt@ (mpi@) arch/loongson/loongson ~ machdep.c > Disallow setting machdep.lidaction to any other value but [0,2]. > suggested by halex > ok deraadt millert (natano@) arch/luna88k/cbus ~ nec86hw.c > Fix uninitilized variables (confusion between enc and p->encoding > and between prec and p->precision). Found by jsg@, thanks. (ratchov@) arch/macppc/dev ~ if_bm.c > Do not clear IFF_UP, even in the error path, clearing IFF_RUNNING > is enough. > This flag should only be set by the stack, drivers shouldn't mess > with it. > Discussed with dlg@ and mikeb@, ok mikeb@, stsp@ (mpi@) arch/sgi/hpc ~ if_sq.c > Fix logic in the driver preventing it to receive broadcast frames > before configuring an address. > Make dhclient(8) work on sq(4). > Problem reported by Frank Scheiner, diff from miod@ (mpi@) arch/sparc64/sparc64 ~ lock_machdep.c > Keep on trying to grab the lock after leaving ddb after lock spin-out. > This restores the behaviour that preceded ticket locks. The feature can > be useful in some debug cases where the system is not totally borken. > OK guenther@, dlg@, mpi@ (visa@) dev ~ audio.c ~ audio_if.h > AUDIO_ENCODING_{S,U}LINEAR constants are neither used by low level > drivers nor exposed to user-land. Remove definitions and code to > handle convertions. (ratchov@) dev/acpi ~ acpisbs.c > move a TODO to the top (jcs@) ~ acpiec.c > Revert 1.54, go back to always trying to enable burst mode > Selectively enabling burst mode seems to have broken more machines > than it helped. On MacBooks, EC_STAT_OBF occasionally won't show up > when trying to read a byte of data when bursting hasn't been > enabled, so acpiec_wait can spin forever. > This again breaks on ECs that don't do burst at all, like the Chrome > EC, but those are much more scarce than MacBooks at this time. A > machine/bios-dependent check could be added later to disable > bursting on certain machines. > Discussed with deraadt (jcs@) ~ acpi.c ~ acpibat.c ~ acpireg.h ~ acpisbs.c ~ acpivar.h > try to attach acpisbs first and if successful, don't attach acpibat (jcs@) ~ acpisbs.c > add const to struct cfattach > ok jcs (jung@) dev/fdt ~ files.fdt + xhci_fdt.c > Glue to attach xhci(4) using the device tree. (kettenis@) ~ files.fdt + syscon.c > Add syscon(4), a driver that provides reboot/poweroff functionality through > the generic "regmap" interface. > ok patrick@ (kettenis@) ~ files.fdt + exrtc.c > Add exrtc(4), a driver for the RTC found on Samsung Exynos SoCs. > (kettenis@) ~ exrtc.c > Oops, make this actually compile. (kettenis@) ~ xhci_fdt.c > Add code to initialize the USB 3 PHY on Exynos 5. > ok visa@ (kettenis@) dev/hid ~ hidkbd.c > Introduce a new knob to force the first USB keyboard as console input. > By setting "machdep.forceukbd=1" you can now use your USB keyboard in > ddb(4) even if your BIOS emulates a pckbd(4). > ok tom@, kettenis@, deraadt@ (mpi@) dev/hil ~ hilkbd.c > Introduce a new knob to force the first USB keyboard as console input. > By setting "machdep.forceukbd=1" you can now use your USB keyboard in > ddb(4) even if your BIOS emulates a pckbd(4). > ok tom@, kettenis@, deraadt@ (mpi@) dev/ic ~ ahci.c > When we're unable to determine which NCQ command failed, fail all active > commands rather than proceeding to an assertion failure. This matches > how we handle the same condition with non-queued commands, and the > behaviour of every other ahci driver I can find. Add a printf there so > we might get some idea of how often this condition arises and what happens > afterwards. > ok dlg@ (jmatthew@) ~ ar5008.c ~ ar9003.c > Do not clear IFF_UP, even in the error path, clearing IFF_RUNNING > is enough. > This flag should only be set by the stack, drivers shouldn't mess > with it. > Discussed with dlg@ and mikeb@, ok mikeb@, stsp@ (mpi@) ~ pckbc.c ~ pckbcvar.h > Introduce a new knob to force the first USB keyboard as console input. > By setting "machdep.forceukbd=1" you can now use your USB keyboard in > ddb(4) even if your BIOS emulates a pckbd(4). > ok tom@, kettenis@, deraadt@ (mpi@) dev/mii ~ rgephy.c > Add support for RTL8153 devices. Heavily based on changes made by Kevin Lo > to the FreeBSD driver. > This driver will attach instead of cdce(4), which doesn't expose a PHY and > doesn't work with my 5c20 revision of the chip. > ok jimatthew@, jcs@ (kettenis@) dev/ofw + ofw_misc.c + ofw_misc.h > Add a "regmap" interface that allows devices to provide access to their > registers to devices that live elsewhere in the device tree. > ok patrick@ (kettenis@) ~ fdt.c ~ ofw_clock.c ~ ofw_pinctrl.c ~ openfirm.h > Introduce OF_getindex() API and use it to replace multiple instances of > pretty much identical code. > ok visa@ (kettenis@) dev/pci ~ drm/i915/i915_reg.h ~ drm/i915/intel_drv.h ~ drm/i915/intel_panel.c > Setup backlight pwm alternate increment on backlight enable > On at least the MacBookAir7,1 (Broadwell), upon S3 resume, the > backlight value was treated as 0 or 100 despite reporting > intermediate values, so if the backlight value was anything other > than 100 at suspend time, the screen would stay off upon resume. > This is backported from Linux commits > 32b421e79e6b546da1d469f1229403ac9142d695 and > e29aff05f239f8dd24e9ee7816fd96726e20105a which were noted in > freedesktop.org bug 67454. > ok jsg (jcs@) ~ if_de.c ~ if_ipw.c ~ if_iwi.c ~ if_iwm.c ~ if_iwn.c ~ if_wpi.c > Do not clear IFF_UP, even in the error path, clearing IFF_RUNNING > is enough. > This flag should only be set by the stack, drivers shouldn't mess > with it. > Discussed with dlg@ and mikeb@, ok mikeb@, stsp@ (mpi@) dev/pckbc ~ pms.c > Use nitems() when passing all known parameters to wsmouse_configure(). > ok bru@ (mpi@) dev/pv ~ if_xnf.c > Fix an off by one when updating the TX consumer event index > The transmit completion notification is posted when the consumer index > becomes equal to the consumer event index. The code attempted to save > up on an update if the current value of the consumer index was below > its event index, but incorrectly handled the situation when they were > equal: the consumer event index wouldn't be advanced and the ring would > stall. > With help from Jan Schreiber who asked some good questions. (mikeb@) dev/usb ~ usbdi.c > It is unsafe to dereference ``xfer'' after calling the callback as it > might free it. > Prevent a use-after-free in various aynchronous cases. Found while > looking at another user-after-free pointed out by ehrhardt@. (mpi@) ~ usbdi.c > Do not print uninitialized variable in DPRINTFN(). > From Christian Ludwig. (mpi@) ~ if_umb.c > Do not clear IFF_UP, even in the error path. > This flag should only be set by the stack, drivers shouldn't > mess with it. > Discussed with dlg@ and mikeb@, ok gerhard@ (mpi@) ~ usbdi.c ~ ehci.c ~ ohci.c ~ uhci.c ~ xhci.c ~ dwc2/dwc2.c > Move per HC polling code to the stack. > This code contains a use-after-free which be addressed in an upcoming > diff. > This fix xhci(4) polling mode. > ok kettenis@ (mpi@) ~ ehci.c ~ ohci.c ~ uhci.c ~ usbdi.c ~ xhci.c ~ dwc2/dwc2.c > Fix a use-after-free when sending root hub control transfers. > *_root_ctrl_start() routines are synchronous and all end up calling > usb_transfer_complete() in the non-error case. After calling this > function it is unsafe to dereference ``xfer'' since the transfer > callback has been called. So returning USBD_IN_PROGRESS is wrong in > this case since transfers are always completed at this point. > So return USBD_NORMAL_COMPLETION or the corresponding error code if > something wrong happen. (mpi@) ~ ukbd.c > Introduce a new knob to force the first USB keyboard as console input. > By setting "machdep.forceukbd=1" you can now use your USB keyboard in > ddb(4) even if your BIOS emulates a pckbd(4). > ok tom@, kettenis@, deraadt@ (mpi@) ~ if_ure.c ~ if_urereg.h > Add support for RTL8153 devices. Heavily based on changes made by Kevin Lo > to the FreeBSD driver. > This driver will attach instead of cdce(4), which doesn't expose a PHY and > doesn't work with my 5c20 revision of the chip. > ok jimatthew@, jcs@ (kettenis@) dev/wscons ~ wsemulvar.h ~ wsmouse.c ~ wstpad.c > Use 'inline' rather than _any of_ __the __other__ variants__. > ok bru@ (mpi@) ~ wsmouseinput.h ~ wsmousevar.h > Guard headers to make sure userland do not look at them. > ok bru@ (mpi@) ~ wskbd.c > Introduce a new knob to force the first USB keyboard as console input. > By setting "machdep.forceukbd=1" you can now use your USB keyboard in > ddb(4) even if your BIOS emulates a pckbd(4). > ok tom@, kettenis@, deraadt@ (mpi@) kern ~ exec_elf.c > Generating a coredump requires walking the map twice; change > uvm_coredump_walkmap() to do both with a callback in between > so it can hold locks/change state across the two. > ok stefan@ (guenther@) ~ init_main.c > domaininit() doesn't need splnet(). > At this stage the scheduler isn't setup, which means the 'softnet' > isn't running yet, so input packets aren't processed. > Prodded by a question from guenther@, ok bluhm@ (mpi@) ~ uipc_socket.c ~ uipc_socket2.c > Do not grab the NET_LOCK() for routing sockets operations. > The only function that need the lock is rtm_output() as it messes with > the routing table. So grab the lock there since it is safe to sleep > in a process context. > ok bluhm@ (mpi@) ~ kern_sysctl.c > Enforce that tcbtable and udbtable must be accessed with the NET_LOCK(). > Get rid of the old splnet()/splx() dances. What's protecting them right > now is the KERNEL_LOCK(). but since pf(4) look at these tables we want > to protect them in another way, hence the NET_LOCK(), at least as hint. > ok bluhm@ (mpi@) ~ kern_tc.c > Drop unused variable from ntp_update_second(). > ok jca@ deraadt@ (dhill@) ~ kern_pledge.c > kern_pledge.c (deraadt@) ~ kern_pledge.c > pax conversion was missed; give this another week (deraadt@) net ~ bfd.c ~ if.c ~ route.c ~ route.h ~ rtsock.c > Prefix functions dealing with routing messages with 'rtm_' and keep > them all in net/rtsock.c. > This allows to easily spot which functions are doing a copyout(9) > when dealing with the routing midlayer. > ok phessler@, bluhm@, dhill@, krw@, claudio@ (mpi@) ~ rtsock.c > Move the guts of route_output() meesing with the routing table in their > own function. > ok bluhm@ (mpi@) ~ hfsc.c ~ ifq.c ~ ifq.h > deprecate ifq_enqueue_try, and let backends drop arbitrary mbufs. > mikeb@ wants priq to be able to drop lower priority packets if the > current one is high. because ifq avoids freeing an mbuf while an > ifq mutex is held, he needs a way for a backend to return an arbitrary > mbuf to drop rather than signal that the current one needs to be > dropped. > this lets the backends return the mbuf to be dropped, which may or > may not be the current one. > to support this ifq_enqueue_try has to be dropped because it can > only signal about the current mbuf. nothing uses it (except > ifq_enqueue), so we can get rid of it. it wasnt even documented. > this diff includes some tweaks by mikeb@ around the statistics > gathered in ifq_enqueue when an mbuf is dropped. (dlg@) ~ rtsock.c > Since route_input is no longer part of the protosw struct it is possible to > pass the socket to it and do the SO_USELOOPBACK check there. This removes > a the nasty hack in the output function where the sp_family is set to 0 > temporarily. > OK bluhm@ mpi@ (claudio@) ~ raw_usrreq.c ~ route.h ~ rtsock.c > Do not grab the NET_LOCK() for routing sockets operations. > The only function that need the lock is rtm_output() as it messes with > the routing table. So grab the lock there since it is safe to sleep > in a process context. > ok bluhm@ (mpi@) ~ pf.c > Enforce that tcbtable and udbtable must be accessed with the NET_LOCK(). > Get rid of the old splnet()/splx() dances. What's protecting them right > now is the KERNEL_LOCK(). but since pf(4) look at these tables we want > to protect them in another way, hence the NET_LOCK(), at least as hint. > ok bluhm@ (mpi@) ~ ifq.c > Convert priority queue lists to mbuf_lists > This simplifies the code quite a bit making it easier to reason about. > dlg@ has begrudgingly submitted to populism, OK bluhm, mpi (mikeb@) ~ ifq.c > Change priq enqueue policy to drop lower priority packets > The new priority queueing enqueue policy is such that when the > aggregate queue depth of an outgoing queue is exceeded we attempt > to find a non-empty queue of packets with lower priority than the > priority of a packet we're trying to enqueue and if there's such > queue, we drop the first packet from it. > This ensures that high priority traffic will almost always find > the place on the queue and low priority bulk traffic gets a better > chance at regulating its throughput. There's no change in the > behavior if altered priorities are not used (e.g. via "set prio" > Pf directive, VLAN priorities and so on). > With a correction from dlg@, additional tests by dhill@ > OK bluhm, mpi (mikeb@) ~ pf.c > Don't overwrite the flow ID once it's set > Output processing may split, encapsulate or obfuscate a single > stream which makes the changed flow ID less useful for purposes > of flow control, for instance fair sharing of bandwidth. > OK dlg (mikeb@) ~ if_etherip.c > Rename struct etheripstat members for consistency, move them all to 64bits > Will make transition to percpu counters easier. ok bluhm@ (jca@) ~ if_etherip.h > Sync struct etheripstat decl with netinet/ip_ether.h (jca@) ~ if.c > Do not unset IFF_UP twice. > ok stsp@, claudio@, mikeb@, dlg@ (mpi@) ~ if_ppp.c > No need to clear IFF_UP after calling if_down(). (mpi@) ~ pf.c > Prevent integer overflow in PF when calculating the adaptive timeout. > Mainly states of established TCP connections whould be affected resulting > in immediate state removal once the numer of states is bigger than > adaptive.start. Disabling adative timeouts is a workaround to avoid this > bug. > Issue found and initial diff by Mathieu Blanc (mathieu.blanc at cea dot fr) > OK mikeb@ (claudio@) ~ rtsock.c > Remove unecessary splsoftnet()/splx() dances. > ok bluhm@, claudio@ (mpi@) ~ pf.c TAGGED OPENBSD_6_0 > OpenBSD 6.0 errata 19 > MFC sys/net/pf.c rev 1.1018 claudio > Prevent integer overflow in PF when calculating the adaptive timeout. > Mainly states of established TCP connections whould be affected resulting > in immediate state removal once the numer of states is bigger than > adaptive.start. Disabling adative timeouts is a workaround to avoid this > bug. > Issue found and initial diff by Mathieu Blanc (mathieu.blanc at cea dot fr) > OK mikeb@ (benno@) ~ pf.c TAGGED OPENBSD_5_9 > OpenBSD 5.9 errata 36 > MFC sys/net/pf.c rev 1.1018 claudio > Prevent integer overflow in PF when calculating the adaptive timeout. > Mainly states of established TCP connections whould be affected resulting > in immediate state removal once the numer of states is bigger than > adaptive.start. Disabling adative timeouts is a workaround to avoid this > bug. > Issue found and initial diff by Mathieu Blanc (mathieu.blanc at cea dot fr) > OK mikeb@ (benno@) ~ bfd.c ~ bfd.h TAGGED OPENBSD_5_9 > move receiving and processing the BFD packet into a task (phessler@) ~ bfd.c ~ bfd.h TAGGED OPENBSD_5_9 > move clearing the bfd config to a task. while here, fix a typo (phessler@) ~ if_pfsync.c TAGGED OPENBSD_5_9 > Add a detachhook to pfsync(4) which deals with the syncdev going away. > Fixes a panic observed by douple-p (aka pb@) when destroying the syncdev. > tweak & ok mpi@ (stsp@) net80211 ~ ieee80211_ioctl.c ~ ieee80211_ioctl.h > Make 'ifconfig scan' display AP encryption correctly if WEP is configured > on the local wifi interface. ifconfig was mistakenly showing the common > supported subset of client and AP, rather than showing the AP's > capabilities. > Exposes WPA protocol capabilities in struct ieee80211_nodereq, which means > ifconfig must be recompiled to run on a new kernel. > ok deraadt@ mpi@ (stsp@) ~ ieee80211_input.c ~ ieee80211_ioctl.c ~ ieee80211_node.h > Introduce separate fields for supported WPA protocols and AKMs in struct > ieee80211_node. Pass these fields to 'ifconfig scan' instead of giving it > currently configured/enabled settings. > Fixes display of AP WPA capabilities in 'ifconfig scan' while the wifi > interface is not configured to use WPA (my previous commit attempted to > fix the same problem but didn't make it work in all cases). > ok tb@ (stsp@) netinet ~ if_ether.c ~ in_pcb.c > Prefix functions dealing with routing messages with 'rtm_' and keep > them all in net/rtsock.c. > This allows to easily spot which functions are doing a copyout(9) > when dealing with the routing midlayer. > ok phessler@, bluhm@, dhill@, krw@, claudio@ (mpi@) ~ in_pcb.c > Kill global list of IPv6 addresses. > ok bluhm@ (mpi@) ~ in_pcb.c > Initially in_pcballoc() hooked all new inpcb, including the IPv6 > ones, into the IPv4 hash. They cannot be used before bind(2) anyway > and then they are rehashed and rehooked, so this was not noticed. > Nevertheless put IPv6 PCBs into the IPv6 hash from the beginning. > OK jca@ mpi@ (bluhm@) ~ in_pcb.c > When the inpcb queue and hash lists are traversed or modified we > need netlock. Remove the obsolete splnet. > OK mpi@ (bluhm@) ~ ip_ether.c ~ ip_ether.h > Rename struct etheripstat members for consistency, move them all to 64bits > Will make transition to percpu counters easier. ok bluhm@ (jca@) ~ in_proto.c ~ ip_ipip.c ~ ip_ipip.h > percpu counters for ip_ipip.c > ok bluhm@ dhill@ mpi@ (jca@) netinet6 ~ nd6_rtr.c > Prefix functions dealing with routing messages with 'rtm_' and keep > them all in net/rtsock.c. > This allows to easily spot which functions are doing a copyout(9) > when dealing with the routing midlayer. > ok phessler@, bluhm@, dhill@, krw@, claudio@ (mpi@) ~ in6.c ~ in6_var.h ~ ip6_input.c > Kill global list of IPv6 addresses. > ok bluhm@ (mpi@) ~ in6_pcb.c > When the inpcb queue and hash lists are traversed or modified we > need netlock. Remove the obsolete splnet. > OK mpi@ (bluhm@) ~ nd6.c > Always invalidate ND entries in nd6_free(). > This way RTF_CACHED entries are properly flushed. Fix a regression > reported by weerd@ and also tested by matthieu@. > ok bluhm@ (mpi@) sys ~ proc.h > We've fixed PID handling, so update the comment describing ps_mainproc > (guenther@) uvm ~ uvm_extern.h ~ uvm_unix.c > Generating a coredump requires walking the map twice; change > uvm_coredump_walkmap() to do both with a callback in between > so it can hold locks/change state across the two. > ok stefan@ (guenther@) ~ uvm_unix.c > Handle unshared amaps in uvm_coredump_walkmap() such that untouched pages > don't get written out to the core file but rather are represented via > segments which have memory size greater than their file size. This shrinks > core files and eliminates a case where core dumping fails with EFAULT. > This can still happen in the shared amap case. > Based on a problem report from (and testing by) semarie@ > ok stefan@ (guenther@) ~ uvm_unix.c > Don't take the vmmap lock when dumping core: it's not actually necessary > and it creates a lock-order-reversal with inode locks > ok stefan@ (guenther@) == usr.bin =========================================================== 11/12 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin doas ~ doas.c > exit test for -L was reversed. spotted by Michael Forney (tedu@) ftp ~ fetch.c > tls_close() can return TLS_WANT_POLLIN/TLS_WANT_POLLOUT, handle them > appropriately. > Ok jca@ (sunil@) lastcomm ~ lastcomm.c > Use sizeof directly instead of a macro from the scary <struct.h> > ok visa@ mpi@ millert@ kettenis@ deraadt@ (guenther@) mandoc ~ mdoc_markdown.c > URIs need different escaping; reported by reyk@ (schwarze@) ~ mandoc.1 ~ mandoc.h ~ mdoc_validate.c ~ read.c > Using .Nd only makes sense in the NAME section. > Warn if that macro occurs elsewhere. > Triggered by a question from Dag-Erling Smoergrav <des @ FreeBSD>. > (schwarze@) ~ mdoc_markdown.c > Fix .In formatting in the SYNOPSIS: > No ‌ in the middle of **, please. (schwarze@) ~ mdoc_markdown.c > implement .An -split and -nosplit (schwarze@) ~ mdoc_markdown.c > fix spacing after empty .Fl (schwarze@) ~ mdoc_markdown.c > fix completely empty .Eo: no blank line wanted (schwarze@) ~ mdoc_markdown.c > Escape blanks at the end of markdown lines > such that they don't look like output line breaks. (schwarze@) ~ read.c > If a user-defined macro is aborted because it exceeds the stack > limit, usually due to infinite recursion, discard whatever remains > in all those open stack levels. Otherwise, insane constructions > like the following could generate macros of enormous size, causing > mandoc(1) to die from memory exhaustion: > .de m \" original macro definition > .m \" recursion to blow up the stack > .de m \" definition to be run during the call of .m marked (*) > very long plain text (some kilobytes) > .m \" expand the above a thousand times while unwinding the stack > .. \" end of the original definition > .m \" (*) recursively generate a ridiculously large macro > .. \" end of recursively generated definition > .m \" execute the giant macro, exhausting memory > Very creative abuse found by tb@ with afl(1). (schwarze@) ~ roff.c > prevent infinite recursion while expanding the arguments > of a user-defined macro; issue found by tb@ with afl(1) (schwarze@) ~ mdoc_markdown.c > Add a blank after ">" when quoting. > If is allowed by markdown syntax and more human-readable. (schwarze@) ~ mdoc_markdown.c > .Bl -column never gets blank lines between rows (schwarze@) ~ mdoc_markdown.c > Do not increment .Bl -enum list markers beyond two digits. > Otherwise, we would indent subsequent paragraphs less than > the CommonMark specification requires, harming portability. (schwarze@) ~ mdoc_markdown.c > The CommonMark specification allows list markers fo the form "number) " > as well as "number. ", so escape closing parentheses after leading digits > to improve portability. (schwarze@) ~ mdoc_markdown.c > According to the CommonMark specification, backslash escapes > and markdown markup do not work inside code spans. (schwarze@) ~ mdoc_markdown.c > The CommonMark specification wants that opening parentheses > inside link destinations be escaped. > While here, remove the obsolete ESC_PAR. (schwarze@) ~ mandoc.1 > Document that -T markdown produces ASCII output, and the implied > limitations. Of course, we could write UTF-8 output instead, > but even the CommonMark specification doesn't require parsers > to support that, so portability would be doubtful. > While here, provide a link to the CommonMark specification. (schwarze@) ~ roff.c > Fix blunder in previous: we must keep the line parse buffer > consistent even when aborting the parsing of the line. That buffer > is not our own, but owned and reused by mparse_buf_r(), read.c. > Returning without cleanup leaked memory and caused write overruns > of the old, typically much smaller buffer in mparse_buf_r(). > Promptly noticed by tb@ with afl(1), using MALLOC_OPTIONS=C. (schwarze@) ~ mdoc_markdown.c > In markdown, autolinks are dangerous. Different compilers disagree > with respect to what constitutes a valid autolink, and if a compiler > deems an autolink invalid, the input turns into an unintended and > potentially harmful raw HTML tag. So, never write autolinks. > Instead of <link>, write [link](link). > Instead of <addr>, write [addr](mailto:addr). > Issue pointed out by bentley@, who also agrees with the general > direction of the change. (schwarze@) ~ eqn.c > Improve detection of recursive eqn(7) "define" statements: > Do not only catch "define key 'key other stuff'", > but also "define key 'other stuff key'". > Fixing infinite loop found by tb@ with afl(1). (schwarze@) nc ~ netcat.c > The netcat server did not print the correct TLS error message if > the handshake after accept had failed. Use the context of the > accepted TLS connection. > OK beck@ (bluhm@) netstat ~ inet.c > Rename struct etheripstat members for consistency, move them all to 64bits > Will make transition to percpu counters easier. ok bluhm@ (jca@) signify ~ signify.1 > show how to verify the next release after 6.1 (benno@) ssh ~ ssh-keygen.c > linenum is unsigned long so use %lu in log formats. ok deraadt@ (dtucker@) ~ ssh-keygen.c > Check l->hosts before dereferencing; fixes potential null pointer deref. > ok djm@ (dtucker@) ~ ssh.c > quote [host]:port in generated ProxyJump commandline; the [ / ] > characters can confuse some shells (e.g. zsh). > Reported by Lauri Tirkkonen via bugs@ (djm@) ~ digest-openssl.c > Validate digest arg in ssh_digest_final; from jjelen at redhat.com via > bz#2687, ok djm@ (dtucker@) ~ log.c > don't truncate off \r\n from long stderr lines; bz#2688, reported by > Brian Dyson; ok dtucker@ (djm@) ~ ssh-keyscan.c > correctly hash hosts with a port number. Reported by Josh Powers in > bz#2692; ok dtucker@ (djm@) ~ sshconnect.c > Plug descriptor leaks of auth_sock. From jjelen at redhat.com via > bz#2687, ok djm@ (dtucker@) ~ readconf.c > Plug mem leak on GLOB_NOMATCH case. From jjelen at redhat.com via > bz#2687, ok djm@ (dtucker@) ~ kex.c > Plug some mem leaks mostly on error paths. From jjelen at redhat.com > via bz#2687, ok djm@ (dtucker@) ~ sshkey.c > Check for NULL argument to sshkey_read. Patch from jjelen at redhat.com > via bz#2687, ok djm@ (dtucker@) ~ match.c > reword a comment to make it fit 80 columns (djm@) ~ sshconnect1.c > Check for NULL return value from key_new. Patch from jjelen at redhat.com > via bz#2687, ok djm@ (dtucker@) ~ kex.c ~ ssh.c ~ sshkey.c ~ sshkey.h > fix regression in 7.4 server-sig-algs, where we were accidentally > excluding SHA2 RSA signature methods. bz#2680, patch from Nuno > Goncalves; ok dtucker@ (djm@) ~ servconf.c > Remove old null check from config dumper. Patch from jjelen at redhat.com > vi bz#2687, ok djm@ (dtucker@) ~ match.c > make hostname matching really insensitive to case; bz#2685, > reported by Petr Cerny; ok dtucker@ (djm@) ~ hostfile.c ~ ssh-keygen.c ~ ssh-keyscan.c > ensure hostname is lower-case before hashing it; bz#2591 reported by > Griff Miller II; ok dtucker@ (djm@) ~ readconf.c > better match sshd config parser behaviour: fatal() if line is overlong, > increase line buffer to match sshd's; bz#2651 reported by Don Fong; > ok dtucker@ (djm@) ~ clientloop.c > When updating hostkeys, accept RSA keys if HostkeyAlgorithms contains > any RSA keytype. Previously, ssh could ignore RSA keys when any of the > ssh-rsa-sha2-* methods was enabled in HostkeyAlgorithms nit ssh-rsa > (SHA1 signatures) was not. bz#2650 reported by Luis Ressel; > ok dtucker@ (djm@) ~ krl.c > krl.c (dtucker@) ~ packet.c > Don't count the initial block twice when computing how many bytes > to discard for the work around for the attacks against CBC-mode. > ok djm@; report from Jean Paul, Kenny, Martin and Torben @ RHUL (markus@) ~ sshconnect2.c > allow ssh to use certificates accompanied by a private key file but no > corresponding plain *.pub public key. bz#2617 based on patch from > Adam Eijdenberg; ok dtucker@ markus@ (djm@) tmux ~ screen-write.c > When redrawing a combined UTF-8 characters in its existing position, > need to save and restore the cursor so that the next character goes into > the right place. (nicm@) ~ tty.c > Collect strings correctly when on terminals that don't support UTF-8. > (nicm@) ~ grid.c > If moving cells outside the current used count, update it. (nicm@) ~ screen-write.c > Need to flush before writing out cells we are not collecting, also add > some extra logging. (nicm@) ~ cmd-attach-session.c ~ cmd-break-pane.c ~ cmd-if-shell.c ~ cmd-new-session.c ~ cmd-new-window.c ~ cmd-run-shell.c ~ cmd-split-window.c ~ control-notify.c ~ format.c ~ tmux.h ~ window-copy.c > Add a helper function for the most common format_create/defaults/expand > pattern. (nicm@) ~ tty.c > Always send smkx to the terminal outside, the keys we get from terminfo > are the keys when it is on. (nicm@) ~ options.c > Handle empty options correctly. (nicm@) ~ window-copy.c > Skip over padding cells when moving the cursor left or right. (nicm@) ~ cmd-respawn-pane.c ~ cmd-respawn-window.c ~ cmd-split-window.c ~ environ.c ~ job.c ~ server-fn.c ~ session.c ~ tmux.h > Move server_fill_environ into environ.c and move some other common code > into it. (nicm@) ~ cmd-display-panes.c ~ server-client.c ~ server-fn.c ~ tmux.h > Move the client identify (display-panes) code into server-client.c. (nicm@) ~ server-client.c > Clear the bracket paste mode when in the command prompt. (nicm@) ~ cmd-find.c > Only look for window and pane parts of target as a sesson and window if > they look like an ID. (nicm@) ~ layout.c > Fix calculation of size for full size splits. (nicm@) == usr.sbin ========================================================== 12/12 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin httpd ~ server_http.c > Sync from relayd: DELETE can have a body. > Fix by Rivo Nurges, fixes a problem with Atlassian JIRA > OK benno@ (reyk@) pkg_add ~ OpenBSD/PackageLocation.pm > error message bugfix: forgot to pass object around, so > parse_problems would report unspecific repository issues instead of trouble > with a given package. (espie@) ~ OpenBSD/PackageRepository.pm > more error streamlining: > - if we don't have an object for fetch, then we're grabbing a list for http > "not found" means it's not a proper package directory. > - report once for "empty" repositories, and we know the difference between > an empty dir and a non existing directory > - if we have an object, save we already reported an error to avoiding > cascading error reports (espie@) ~ OpenBSD/Handle.pm > get rid of redundant "Can't find CONTENTS" if the location already twitted > (espie@) ~ OpenBSD/Handle.pm ~ OpenBSD/PkgAdd.pm > if we reported "Can't find CONTENTS", we know it's a bad package, > so no need to say it again (espie@) ~ OpenBSD/md5.pm > Digest::SHA is nasty: it shows an incomplete error message if the > file can't be read properly (got a Read error on delete), > so stop trying to do things ourselves, just wrap the error to inject > a decent error message, catching inexistent files and read errors in > the process. (espie@) ~ OpenBSD/Handle.pm > okay "can't find" means error reported as well (espie@) - pkg.conf.5 > somehow it didn't get removed even though it's no longer installed (espie@) ~ OpenBSD/PackageLocator.pm ~ OpenBSD/State.pm > tweak installurl code to return a single string that gets parsed > so that we don't have to write the same thing twice later. (espie@) ~ OpenBSD/Delete.pm > take the checksum part out of line. > Fix the "no checksum" part: pass thru do_not_delete, and do it even if > quick is set. > Simplify the error messages in case realname and fullname are identical > (which is the most common case) (espie@) ~ OpenBSD/PackageRepository.pm ~ OpenBSD/PackageRepository/Installed.pm > tweak %m to expand to %c, and make %c more magical: > on a -stable system, %c/packages will expand to > two directories in support of packages-stable, > with the -stable directory being "silent". > Also add a -Dsnap option that forces %c to be snapshots > so that the last weeks of testing of release are less > painful. > okay aja@ (espie@) ~ pkg_add.1 ~ pkg_delete.1 > document recent changes. > acknowledge that installurl requires some internal treatment > explain how %c works now. > Document -Dsnap and -V > Remove the pesky spaces in -Dname, since no-one types the space ever > (espie@) ~ OpenBSD/PkgCheck.pm > compute_digest already clones object's class, no need to ref here. (espie@) ~ pkg_add.1 > Make spacing after -D consistent. > Manual pages should only use .Fl X Ns Ar in the unusual case that no > space is allowed between the option letter and the option argument. > See POSIX for details: > http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap12.html > OK espie@ (schwarze@) ~ pkg_create.1 ~ pkg_delete.1 > more consistency on .Fl ... Ns Ar lines, requested by jmc@ (schwarze@) relayd ~ relay_http.c > DELETE can have a body. > Fix by Rivo Nurges, fixes a problem with Atlassian JIRA > OK benno@ (reyk@) switchd ~ switchd.conf.5 > argument to the document description (Nd) macro should be lowercase. > ok jmc@ (sobrado@) sysmerge ~ sysmerge.sh > Just exit 1 instead of printing usage on error. > prodded by deraadt@ (ajacoutot@) tcpdump ~ print-etherip.c > Fix etherip version parsing, ok dlg@ (jca@) =============================================================================== _______________________________________________ owc mailing list [email protected] http://www.squish.net/mailman/listinfo/owc
