OpenBSD src changes summary for 2017-09-17 to 2017-09-24 inclusive
==================================================================

Makefile.cross                          distrib/alpha
distrib/hppa                            distrib/ramdisk
distrib/sparc64                         etc/examples/bgpd.conf
gnu/usr.bin/perl                        lib/libc
lib/libtls                              regress/usr.bin
regress/usr.sbin                        sbin/dhclient
sbin/isakmpd                            share/man
sys/arch/arm64/conf                     sys/arch/armv7/conf
sys/arch/armv7/imx                      sys/arch/octeon/dev
sys/arch/octeon/octeon                  sys/dev/fdt
sys/dev/ic                              sys/dev/pci
sys/dev/usb                             sys/netinet
usr.bin/ctfconv                         usr.bin/ctfdump
usr.bin/file                            usr.bin/ssh
usr.bin/tmux                            usr.sbin/bgpctl
usr.sbin/lpr                            usr.sbin/pkg_add
usr.sbin/relayd                         usr.sbin/syslogd
usr.sbin/vmd                            

== Makefile.cross ==================================================== 01/11 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/Makefile.cross

Makefile.cross


  > Compile the cross-compiler in the target's objdir instead of polluting
  > the host's.  This also allows compiling multiple toolchains in parallel.
  > Clean up the clang object files afterwards so it doesn't collide with
  > the cross-compiled compiler build. (patrick@)

== distrib =========================================================== 02/11 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib

alpha

  ~ Makefile                              

  > Give up on alpha floppies for now (deraadt@)

  ~ bsd.rd/Makefile                       ~ common/Makefile.inc
  ~ inst-common/Makefile.inc              

  > Some further shrinking, but obviously not enough.  Something unknown
  > caused bloat about a month ago (and it wasn't purely the ctf additions
  > since those are being stripped).  Maybe the compiler generates
  > different code when stronger debugging information is requested? (deraadt@)

  ~ bsd.rd/Makefile                       ~ common/Makefile.inc
  ~ inst-common/Makefile.inc              

  > drop ${STRIP}, it's just 'strip'
  > ok deraadt@ (jasper@)

  ~ bsd.rd/Makefile                       ~ common/Makefile.inc

  > drop ${GZIPCMD} and just use 'gzip' (jasper@)

hppa

  ~ ramdisk/Makefile                      

  > drop ${STRIP}, it's just 'strip'
  > ok deraadt@ (jasper@)

  ~ ramdisk/Makefile                      

  > drop ${GZIPCMD} and just use 'gzip' (jasper@)

ramdisk

  ~ Makefile                              

  > use strip directly.  The layers if macros are not actually helpful.
  > (deraadt@)

  ~ Makefile                              

  > drop ${GZIPCMD} and just use 'gzip' (jasper@)

sparc64

  ~ bsd.rd/Makefile                       

  > drop ${STRIP}, it's just 'strip'
  > ok deraadt@ (jasper@)

  ~ bsd.rd/Makefile                       ~ ramdisk/Makefile
  ~ ramdiskB/Makefile                     

  > drop ${GZIPCMD} and just use 'gzip' (jasper@)

  ~ ramdisk/Makefile                      ~ ramdiskB/Makefile

  > remove unused GZIPEXT (jasper@)

== etc =============================================================== 03/11 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc

examples/bgpd.conf

  ~ examples/bgpd.conf                    

  > fix the example neighbor configurations
  > noticed by Alex Holst
  > OK henning@ (phessler@)

== gnu =============================================================== 04/11 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu

usr.bin/perl

  ~ regcomp.c                             

  > A buffer over-read and heap overflow in perl's regexp may result in
  > a crash or memory leak.
  > Fixes
  > * CVE-2017-12883 (Buffer over-read)
  > * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
  > Patches by Karl Williamson (afresh1@)

  ~ regcomp.c                             

  TAGGED OPENBSD_6_1
  > A buffer over-read and heap overflow in perl's regexp may result in
  > a crash or memory leak.
  > Fixes
  > * CVE-2017-12883 (Buffer over-read)
  > * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
  > Patches by Karl Williamson (afresh1@)

  ~ regcomp.c                             

  TAGGED OPENBSD_6_0
  > A buffer over-read and heap overflow in perl's regexp may result in
  > a crash or memory leak.
  > Fixes
  > * CVE-2017-12883 (Buffer over-read)
  > * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
  > Patches by Karl Williamson <khw cpan.org>
  > Backport, including additional required patches by Niko Tyni <ntyni
  > debian.org> (afresh1@)

== lib =============================================================== 05/11 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib

libc

  ~ gen/setprogname.c                     

  > __progname has type char *, we cannot change its type without causing
  > havoc all over the place. So add some casts to silence the compiler.
  > ok deraadt@ guenther@ (otto@)

  ~ gen/directory.3                       

  > Document readdir_r() return value and update style of the example
  > code.  Adapted from a diff by Ross L Richardson. (millert@)

  ~ sys/write.2                           

  > Properly document the typical write(2) loop,
  > and delete misleading parts from the CAVEATS;
  > issue reported by <ScottCheloha at gmail dot com> on bugs@;
  > OK espie@ millert@ (schwarze@)

  ~ sys/write.2                           

  > tweak previous: remove trailing blank and improve a wording;
  > requested by jmc@ (schwarze@)

  ~ stdlib/malloc.c                       

  > Make delayed free non-optional and make F do an extensive double free
  > check.
  > ok tb@ tedu@ (otto@)

  ~ asr/asr_utils.c                       

  > Kill unused function
  > Spotted by krw@ (jca@)

libtls

  ~ tls_ocsp.c                            

  > Fix indentation. (jsing@)

  ~ tls_ocsp.c                            

  > Provide a useful error if there are no OCSP URLs in the peer certificate.
  > (jsing@)

  ~ tls_ocsp.c                            

  > Slightly restructure tls_ocsp_verify_cb() to make it more like libtls code.
  > (jsing@)

  ~ tls.c                                 ~ tls_internal.h
  ~ tls_ocsp.c                            ~ tls_server.c

  > Keep track of which keypair is in use by a TLS context.
  > This fixes a bug where by a TLS server with SNI would always only return
  > the OCSP staple for the default keypair, rather than returning the OCSP
  > staple associated with the keypair that was selected via SNI.
  > Issue reported by William Graeber and confirmed by Andreas Bartelt.
  > Fix tested by William Graeber and Andreas Bartelt - thanks! (jsing@)

== regress =========================================================== 06/11 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress

usr.bin

  ~ ssh/dynamic-forward.sh                

  > test reverse dynamic forwarding with SOCKS (markus@)

usr.sbin

  ~ syslogd/Makefile                      ~ syslogd/args-fdexhaustion-config.pl
  ~ syslogd/args-fdexhaustion-sighup.pl   ~ syslogd/args-fdexhaustion-tcp.pl

  > If file descriptors are exhausted during initialization, we see
  > better log messages on the console now. (bluhm@)

  ~ relayd/args-http-chunked-callback.pl

  > Avoid race in relayd test that uses an invalid chunked header.  Wait
  > until server has started, then expect error message in server log. (bluhm@)

== sbin ============================================================== 07/11 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin

dhclient

  ~ bpf.c                                 ~ clparse.c
  ~ dhclient.c                            ~ dhcpd.h
  ~ dispatch.c                            ~ kroute.c
  ~ options.c                             ~ packet.c
  ~ privsep.c                             

  > Create global 'log_procname' and set it to '<ifname>' or
  > '<ifname> [priv]' as appropriate for the process doing the
  > setting. Use it as the prefix in all log_*() output. Makes
  > tracking messages for an interface or a process much easier. (krw@)

  ~ parse.c                               

  > Oops. Missed a file.
  > Create global 'log_procname' and set it to '<ifname>' or
  > '<ifname> [priv]' as appropriate for the process doing the
  > setting. Use it as the prefix in all log_*() output. Makes
  > tracking messages for an interface or a process much easier. (krw@)

  ~ dhclient.c                            

  > Missed a log_warnx(). Nuke an extraneous space. (krw@)

  ~ dispatch.c                            

  > flush_unpriv_ibuf() is now used only once so no
  > need to complicate things by passing it a string
  > identifying where it was called. Tweak log
  > verbiage. (krw@)

  ~ bpf.c                                 ~ dhclient.c

  > Make send_packet() usage consistent. i.e. don't exit
  > if send_packet(DISCOVER) fails.
  > Distinguish between writev() and sendmsg() errors in
  > send_packet() log messages.
  > Check for short writes no matter how the packet is
  > output. Return failure in this occurs. Check results
  > of all send_packet() calls.
  > If send_packet() fails, don't log that the DHCP message
  > was sent. (krw@)

  ~ bpf.c                                 ~ dhclient.c

  > Nuke a few extraneous blanks. (krw@)

  ~ bpf.c                                 ~ dhclient.c
  ~ dhcpd.h                               

  > Make send_packet() log entries more informative by
  > providing the name of the packet type that causes
  > an error. (krw@)

  ~ dispatch.c                            

  > Remove stray %s/ifi->name from fatalx(). (krw@)

  ~ clparse.c                             ~ dhclient.c
  ~ kroute.c                              ~ options.c

  > Wrong captilization, long lines. (krw@)

  ~ kroute.c                              

  > Use consistant simple verbiage when SIOC* ioctl's fail. (krw@)

  ~ bpf.c                                 ~ dhclient.c
  ~ dispatch.c                            ~ kroute.c

  > Make log messages more informative by using the
  > name of the function that failed and the significant
  > parameters. Distinguish between poll() errors and
  > problematic revents values. (krw@)

  ~ privsep.c                             ~ kroute.c
  ~ dhclient.c                            ~ clparse.c

  > Tweak, shorten, use more consistant verbiage. (krw@)

  ~ dhclient.c                            ~ dispatch.c

  > Fix some spacing. A couple of log_warx() -> log_warn() to
  > use standard error messages for malloc errors. (krw@)

  ~ dhclient.c                            

  > Fix '-u' option (reject offers that include unknown
  > DHCP options). Broken by r1.204, 4 years, 8 months
  > ago. (krw@)

  ~ dhclient.c                            

  > Shorten and otherwise tweak the verbiage
  > around packet -> lease processing. (krw@)

  ~ dhclient.8                            ~ dhclient.c

  > Remove the '-u' command line option to
  > ignore offers containing unknown DHCP
  > options. Broken in 2013 and nobody
  > noticed.
  > ok mpi@ (krw@)

isakmpd

  ~ exchange.c                            ~ exchange.h

  > Check for failures of exchange_establish_p{1,2}() and call the given
  > `finalize' function with the `fail' argument when this happen.
  > Introduce some sanity checks in exchange_free() to be able to call if
  > even if the data structure isn't completely initialized.
  > Plug memory leaks when exchange_establish() fails.  While here fix a
  > double free in one of the error paths.
  > Based on a diff from hshoexer@, ok stsp@, markus@ (mpi@)

== share ============================================================= 08/11 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share

man

  ~ man4/man4.amd64/mem.4                 ~ man4/man4.i386/mem.4

  > link to mtrr(4) because the mem(4) driver supports ioctl(2)
  > in addition to read(2) and write(2) and because
  > that ioctl(2) support is documented in mtrr(4);
  > OK jmc@ (schwarze@)

  ~ man4/hyperv.4                         

  > Mention that Generation 2 Virtual Machines are currently not supported
  > (mikeb@)

  ~ man5/remote.5                         

  > Add missing new line; ok jmc@ (anton@)

  ~ man5/malloc.conf.5                    

  > F changed meaning a bit; ok tb@ (otto@)

== sys =============================================================== 09/11 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys

arch/arm64/conf

  ~ GENERIC                               ~ RAMDISK

  > Enable syscon(4). (patrick@)

  ~ GENERIC                               ~ RAMDISK

  > Add dwxe(4), a driver the Synopsis DesignWare Ethernet controller used
  > on the Allwinner A64, H3 and H5 SoCs.  This makes the onboard ethernet
  > usable on the popular Pine A64 and NanoPi Neo2.  The skeleton used for
  > this driver is taken from tsec(4).
  > ok kettenis@ (patrick@)

arch/armv7/conf

  ~ GENERIC                               ~ RAMDISK

  > Enable dwxe(4) on armv7 as well for use on the Allwinner H3 SoC.
  > Prompted by jsg@ (patrick@)

arch/armv7/imx

  ~ imxocotp.c                            

  > Raise match priority such that imxocotp(4) wins over syscon(4).
  > ok patrick@ (kettenis@)

  ~ imxocotp.c                            ~ imxocotpvar.h

  > Remove unused code. (kettenis@)

arch/octeon/dev

  ~ cn30xxuart.c                          

  > Ensure proper order of register accesses by readback after write.
  > This fixes spurious interrupts seen on CN7360. (visa@)

  ~ octmmc.c                              

  > Allocate a bounce buffer once during init and reuse it for DMA commands.
  > This makes the system a bit harder to corner when paging to SD/MMC.
  > In addition, limit the maximum DMA segment size to MAXPHYS. (visa@)

  ~ octmmc.c                              

  > Do not bounce if possible. (visa@)

  ~ octmmc.c                              

  > Fix controller locking so that it covers the DMA map and bounce buffer.
  > Those are shared by SD/MMC buses. (visa@)

arch/octeon/octeon

  ~ machdep.c                             

  > Do not print "cpuX launched" any longer. This reduces dmesg spam
  > on multicore systems. (visa@)

dev/fdt

  ~ syscon.c                              

  > Add support for being a regmap provider in syscon(4).  So far the driver
  > supports being used as a regmap client to reset or power down a machine,
  > so this change implements the other side where we provide the registers
  > to write into.
  > ok kettenis@ (patrick@)

  ~ files.fdt                             + if_dwxe.c

  > Add dwxe(4), a driver the Synopsis DesignWare Ethernet controller used
  > on the Allwinner A64, H3 and H5 SoCs.  This makes the onboard ethernet
  > usable on the popular Pine A64 and NanoPi Neo2.  The skeleton used for
  > this driver is taken from tsec(4).
  > ok kettenis@ (patrick@)

dev/ic

  ~ r92creg.h                             ~ rtwn.c

  > - Fix short preamble for rtl8188eu
  > - Use R92C_MSR rather than R92C_CR to set media status
  > - Replace magic numbers with something more readable
  > ok stsp@ (kevlo@)

  ~ acx100.c                              ~ atw.c
  ~ rtw.c                                 

  > Use ieee80211_has_addr4() inline function where possible.
  > ok stsp@ (kevlo@)

  ~ rtwn.c                                

  > Fix build on octeon by reverting two cosmetic changes in rtwn.c r1.34.
  > Compiler complained:
  > warning: large integer implicitly truncated to unsigned type
  > No functional change.
  > reported by & ok visa@ (stsp@)

dev/pci

  ~ azalia.c                              

  > Move the powering down of all codecs into azalia_halt_corb() after the
  > check that the CORB is running. Fixes a regression introduced in -r1.236
  > that resulted in printing 'azalia0: CORB is not running' on each suspend
  > resume cycle. Issue reported on icb by mlarkin; tested by Manuel Giraud,
  > ratchov and myself.
  > ok ratchov (tb@)

dev/usb

  ~ usbdi.c                               

  > Disable a splsoftassert() at least until ohci(4) has been fixed.
  > This assert triggers because of the floor check on amd64/sparc64
  > when ohci(4) processes its root-hub status change transfers at
  > IPL_BIO.
  > Previous to the removal of IPL_SOFTNET, the SPLUSBCHECK macro didn't
  > do anything, so it is safe to disable this check.
  > Issue reported by espie@ and krw@ (mpi@)

  ~ uhid.c                                

  > Add dummy FIOASYNC handler.
  > Without it uhid_do_ioctl() will return EINVAL which will make the
  > upper layer assume that uhid node do not support non-blocking reads.
  > Fix a regression introduced by the removal of SIGIO support.
  > Reported by many, fix tested by Bryan Linton, Micah Muer and Nam Nguyen.
  > (mpi@)

netinet

  ~ ip_output.c                           

  > Use m_copym() instead of m_dup_pkt() to fix a kernel assert when
  > setting IP options.
  > Issue reported by Kapetanakis Giannis
  > OK mpi@ (visa@)

== usr.bin =========================================================== 10/11 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin

ctfconv

  ~ ctfconv.c                             

  > fix fd leaks in error paths
  > ok mpi@ (jsg@)

  ~ parse.c                               

  > Ignore DW_FORM_strp with size larger than elf section buffer
  > fixes accessing memory out of bounds that led to a segfault.
  > Found with afl. ok mpi@ (jsg@)

  ~ parse.c                               

  > Handle parse_base() returning NULL for DW_TAG_base_type to avoid
  > attemping to insert a NULL iterator leading to a NULL deref crash.
  > Found with afl.  ok mpi@ (jsg@)

ctfdump

  ~ ctfdump.c                             

  > fix fd leaks in error paths
  > ok mpi@ (jsg@)

  ~ ctfdump.c                             

  > Show floating-point encoding by name in ctfdump(1)
  > ok mpi (uwe@)

  ~ ctfdump.c                             

  > Fix off by one in ctf_enc2name (who uses SIGNED BOOL anyway?)
  > ok mpi (uwe@)

file

  ~ magic.5                               

  > add missing types; from klemens nanni
  > ok nicm (jmc@)

ssh

  ~ servconf.c                            

  > Add braces missing after channels refactor.  ok markus@ (dtucker@)

  ~ mux.c                                 

  > Prevent type mismatch warning in debug on platforms where sig_atomic_t
  > != int.  ok djm@ (dtucker@)

  ~ clientloop.c                          

  > fix use-after-free in ~^Z escape handler path, introduced in channels.c
  > refactor; spotted by millert@ "makes sense" deraadt@ (djm@)

  ~ channels.c                            

  > Use explicit_bzero() instead of bzero() before free() to prevent
  > the compiler from optimizing away the bzero() call.  OK djm@ (millert@)

  ~ mux.c                                 

  > Use strsignal in debug message instead of casting for the benefit of
  > portable where sig_atomic_t might not be int.  "much nicer" deraadt@
  > (dtucker@)

  ~ channels.c                            ~ channels.h
  ~ readconf.c                            ~ ssh.1
  ~ ssh.c                                 ~ ssh_config.5

  > Add 'reverse' dynamic forwarding which combines dynamic forwarding
  > (-D) with remote forwarding (-R) where the remote-forwarded port
  > expects SOCKS-requests.
  > The SSH server code is unchanged and the parsing happens at the SSH
  > clients side. Thus the full SOCKS-request is sent over the forwarded
  > channel and the client parses c->output. Parsing happens in
  > channel_before_prepare_select(), _before_ the select bitmask is
  > computed in the pre[] handlers, but after network input processing
  > in the post[] handlers.
  > help and ok djm@ (markus@)

  ~ channels.c                            

  > fix tunnel forwarding problem introduced in refactor; reported by
  > stsp@ ok markus@ (djm@)

  ~ channels.c                            

  > write the correct buffer when tunnel forwarding; doesn't matter
  > on OpenBSD (they are the same) but does matter on portable where
  > we use an output filter to translate os-specific tun/tap headers (djm@)

  ~ channels.c                            

  > fix inverted test on channel open failure path that "upgraded" a
  > transient failure into a fatal error; reported by sthen and also seen
  > by benno@; ok sthen@ (djm@)

tmux

  ~ alerts.c                              

  > Initialize alerts timer event where it is used, avoids crash with new
  > windows. (nicm@)

== usr.sbin ========================================================== 11/11 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin

bgpctl

  ~ bgpctl.8                              

  > word fix; from tom smyth (jmc@)

lpr

  ~ lpd/printjob.c                        

  > Avoid overflow/truncation during string->integer converion by eliminating
  > the 'int' temporary variable.
  > problem reported by Jacob Zimmermann (jacobz (at) senseofsecurity.com.au)
  > ok deraadt@ (guenther@)

pkg_add

  ~ OpenBSD/PkgCreate.pm                  ~ OpenBSD/Signature.pm

  > -V option for pkg_create and incorporate version into signatures. (espie@)

  ~ OpenBSD/PkgCreate.pm                  

  > better diagnostics (espie@)

  ~ package.5                             ~ pkg_create.1
  ~ pkg_info.1                            

  > document @version (espie@)

relayd

  ~ relay.c                               ~ relay_http.c

  > The relayd regression tests for chunked HTTP traffic were failing
  > sporadically.  If the \r and \n were read in separate chunks, relayd
  > got out of sync with the protocol as they were interpreted as two
  > lines.  Use evbuffer_readln() with EVBUFFER_EOL_CRLF instead of
  > evbuffer_readline().
  > OK benno@ (bluhm@)

syslogd

  ~ syslogd.c                             

  > When writing local output, syslogd ignores EAGAIN.  Unfortunately
  > it has closed the file descriptor before checking the errno.  So
  > f_file contained a bad file descriptor that could be reused at the
  > next open.  Keep the file open if errno is EAGAIN.  Move the close(2)
  > down where the old file descriptor in f_file is overwritten in all
  > cases.
  > OK deraadt@ jca@ (bluhm@)

  ~ syslogd.c                             

  > syslogd has special code to report errors before it has been
  > initialized.  For every message it did reopen the console with file
  > descriptor passing from the privsep parent.  Now preopen the console,
  > so writing the message out works in more cases.  If the console has
  > been revoked, a reopen via privsep and write again is tried anyway.
  > OK brynet@ deraadt@ jca@ (bluhm@)

vmd

  ~ vm.c                                  

  > vmd: re add rtc.per and rtc.sec evtimers on receive
  > This was missed in receive. mc146818_start is already defined. This fixes
  > rtc
  > time resync on receive.
  > ok mlarkin@ (pd@)

  ~ pci.c                                 ~ pci.h
  ~ virtio.c                              ~ virtio.h
  ~ vm.c                                  

  > vmd: send/recv pci config space instead of recreating pci devices on
  > receive
  > ok mlarkin@ (pd@)

  ~ i8259.c                               

  > protect i8259 state with a mutex.
  > this allows interrupts to be safely posted by multiple threads.
  > ok mlarkin@ (dlg@)

  ~ vm.c                                  

  > Clarify a wrong conditional, found by jsg.
  > ok jsg (mlarkin@)

===============================================================================
_______________________________________________
owc mailing list
[email protected]
http://www.squish.net/mailman/listinfo/owc

Reply via email to