CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2017/01/05 20:53:58 Modified files: usr.bin/ssh: readconf.c Log message: show a useful error message when included config files can't be opened; bz#2653, ok dtucker@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2017/01/05 20:45:57 Modified files: lib/libcrypto/man: BIO_f_base64.3 Log message: Delete a cross reference to the non-existent manual page BIO_set_flags(3), reported by jmc@. Documenting that function would be a bad idea. All other flags are used internally and should better not be tampered with. It looks like an internal function that was made public by mistake, then abused for an unrelated user interface purpose: a classic case of botched user interface design. Instead, only show how to use this function for this one specific purpose. While here, delete a sentence from the DESCRIPTION that merely duplicated content from the BUGS section.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2017/01/05 20:45:41 Modified files: usr.bin/ssh: servconf.c Log message: sshd_config is documented to set GSSAPIStrictAcceptorCheck=yes by default, so actually make it do this. bz#2637 ok dtucker
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2017/01/05 20:41:58 Modified files: usr.bin/ssh: ssh-keyscan.c Log message: Avoid confusing error message when attempting to use ssh-keyscan built without SSH protocol v.1 to scan for v.1 keys; bz#2583
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2017/01/05 20:00:56 Modified files: lib/libcrypto/man: X509_NAME_add_entry_by_txt.3 Log message: Delete a sentence that attempted to explain an implementation detail by referencing a non-existent manual page. Broken .Xr reported by jmc@.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2017/01/05 19:51:16 Modified files: regress/usr.bin/ssh: agent-getpeereid.sh Log message: use correct ssh-add program; bz#2654, from Colin Watson
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2017/01/05 19:43:14 Modified files: lib/libcrypto/man: EVP_PKEY_sign.3 EVP_PKEY_verify_recover.3 Log message: fix typos in cross references reported by jmc@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2017/01/05 19:37:05 Modified files: lib/libcrypto/man: SMIME_read_PKCS7.3 Log message: Delete bogus cross reference reported by jmc@. Documenting these trivial PKCS7_type_is_*() macros does not seem useful, at least not right now.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dtuc...@cvs.openbsd.org 2017/01/05 19:34:54 Modified files: usr.bin/ssh: sshd_config.5 Log message: Re-add '%k' token for AuthorizedKeysCommand which was lost during the re-org in rev 1.235. bz#2656, from jboning at gmail.com.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2017/01/05 19:29:18 Modified files: lib/libcrypto/man: BIO_s_bio.3 Log message: delete bogus cross references reported by jmc@ and add some missing escaping of backslashes while here
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dtuc...@cvs.openbsd.org 2017/01/05 19:26:10 Modified files: regress/usr.bin/ssh: integrity.sh Log message: Account for timeouts in the integrity tests as failures. If the first test in a series for a given MAC happens to modify the low bytes of a packet length, then ssh will time out and this will be interpreted as a test failure. Patch from cjwatson at debian.org via bz#2658.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dtuc...@cvs.openbsd.org 2017/01/05 19:09:25 Modified files: regress/usr.bin/ssh: forwarding.sh Log message: Make forwarding test less racy by using unix domain sockets instead of TCP ports where possible. Patch from cjwatson at debian.org via bz#2659.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2017/01/05 18:33:49 Modified files: usr.bin/mandoc : mandoc.1 Log message: sort options list; the same as jmc@ did in man.1 rev. 1.18
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2017/01/05 17:46:49 Modified files: sys/arch/arm/include: endian.h Log message: there is no longer a need to ifdef __armv7__ armv6 rev instructions
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2017/01/05 17:27:42 Modified files: lib/libcrypto/man: d2i_ASN1_OCTET_STRING.3 Log message: tweak previous;
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2017/01/05 17:06:02 Modified files: sys/arch/arm/arm: bcopyinout.S bus_space_asm_generic.S copystr.S cpufunc.c fault.c irq_dispatch.S locore.S sys/arch/arm/include: atomic.h cpu.h cpuconf.h cpufunc.h frame.h pmap.h sys/arch/arm/mainbus: mainbus.c Log message: unifdef CPU_ARMv7 and ARM_ARCH_7 ok kettenis@ patrick@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2017/01/05 16:13:07 Modified files: lib/libcrypto/man: d2i_ASN1_OCTET_STRING.3 Log message: Also document the weird d2i_ASN1_UINTEGER(3), listed in and in OpenSSL doc/man3/d2i_X509.pod (with wrong prototype).
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2017/01/05 15:38:04 Modified files: lib/libcrypto/man: ASN1_STRING_new.3 Makefile Added files: lib/libcrypto/man: d2i_ASN1_OCTET_STRING.3 Log message: Write new d2i_ASN1_OCTET_STRING(3) manual page from scratch. All 36 functions listed in and in OpenSSL doc/man3/d2i_X509.pod, six of them with wrong prototypes.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: patr...@cvs.openbsd.org 2017/01/05 14:25:52 Modified files: sys/arch/arm64/dev: agtimer.c Log message: Pass value as input instead of output register, otherwise we write garbage into the control register. While there remove positional argument leftover from the 32-bit version.
CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: o...@cvs.openbsd.org2017/01/05 14:18:20 Modified files: app/cwm: kbfunc.c Log message: Ensure client stays inbound on key-based resize; based on logic existing in key-based client move; from Vadim Vygonets.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: na...@cvs.openbsd.org 2017/01/05 14:14:22 Modified files: libexec/ld.so : Makefile Log message: Build with -fno-builtin to keep clang from optimizing the _dl_memset() and _dl_bcopy() functions into calls to memset() and memcpy(). ok kettenis@
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: t...@cvs.openbsd.org2017/01/05 10:58:24 Modified files: . : errata59.html errata60.html Log message: release libcrypto errata.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2017/01/05 10:54:15 Modified files: share/man/man5 : port-modules.5 Log message: Document cargo module. Joint work with semarie, rewording from sthen@, tweaks from jmc@. ok sthen@, jmc@, semarie (cargo maintainer)
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: t...@cvs.openbsd.org2017/01/05 10:37:00 Modified files: faq: current.html Log message: id attributes may not contain '/' characters.
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: t...@cvs.openbsd.org2017/01/05 10:33:27 Modified files: faq: current.html Log message: On amd64, armv7, i386, hppa and macppc, the bsd.rd installer defaults to https. Your autoinstall(8) response file may need the additional line Unable to connect using https. Use http instead = yes|no between the "HTTP Server" and "Set name(s)" responses.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: patr...@cvs.openbsd.org 2017/01/05 09:52:42 Modified files: lib/librthread/arch/arm: _atomic_lock.c sys/arch/armv7/include: spinlock.h Log message: Now that all non-ARMv7 platforms are gone, tedu the legacy atomic locking code. ok kettenis@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: patr...@cvs.openbsd.org 2017/01/05 09:16:17 Modified files: sys/arch/arm/arm: cpu.c sys/arch/arm/include: cpu.h Log message: Complete idle PCB allocation for secondary processors so that it makes sense and builds as part of an MP kernel. ok kettenis@ mpi@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2017/01/05 06:53:10 Modified files: usr.sbin/acme-client: parse.y usr.sbin/bgpd : parse.y usr.sbin/dvmrpd: parse.y usr.sbin/eigrpd: parse.y usr.sbin/hostapd: parse.y usr.sbin/httpd : parse.y usr.sbin/ifstated: parse.y usr.sbin/iscsictl: parse.y usr.sbin/ldapd : parse.y usr.sbin/ldpd : parse.y usr.sbin/ospf6d: parse.y usr.sbin/ospfd : parse.y usr.sbin/relayd: parse.y usr.sbin/ripd : parse.y usr.sbin/smtpd : parse.y usr.sbin/snmpd : parse.y usr.sbin/vmd : parse.y usr.sbin/ypldap: parse.y Log message: Replace hand-rolled for(;;) emptying of 'symhead' TAILQ with more modern TAILQ_FOREACH_SAFE(). No intentional functional change. ok millert@ bluhm@ gilles@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2017/01/05 06:28:48 Modified files: lib/libssl/src/crypto/ecdsa: Tag: OPENBSD_6_0 ecs_ossl.c Log message: MFC: Avoid a side-channel cache-timing attack that can leak the ECDSA private keys when signing. This is due to BN_mod_inverse() being used without the constant time flag being set. This issue was reported by Cesar Pereida Garcia and Billy Brumley (Tampere University of Technology). The fix was developed by Cesar Pereida Garcia.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2017/01/05 06:27:17 Modified files: lib/libssl/src/crypto/ecdsa: Tag: OPENBSD_5_9 ecs_ossl.c Log message: MFC: Avoid a side-channel cache-timing attack that can leak the ECDSA private keys when signing. This is due to BN_mod_inverse() being used without the constant time flag being set. This issue was reported by Cesar Pereida Garcia and Billy Brumley (Tampere University of Technology). The fix was developed by Cesar Pereida Garcia.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2017/01/05 06:25:52 Modified files: lib/libcrypto/ecdsa: ecs_ossl.c Log message: Avoid a side-channel cache-timing attack that can leak the ECDSA private keys when signing. This is due to BN_mod_inverse() being used without the constant time flag being set. This issue was reported by Cesar Pereida Garcia and Billy Brumley (Tampere University of Technology). The fix was developed by Cesar Pereida Garcia.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mi...@cvs.openbsd.org 2017/01/05 06:23:51 Modified files: sys/dev/pv : if_hvn.c if_xnf.c Log message: Checking whether mbuf list is empty is done by the if_input now
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mi...@cvs.openbsd.org 2017/01/05 06:17:22 Modified files: sys/dev/pv : hyperv.c hypervreg.h Log message: Microsoft has allocated us a SubID that we can use to identify OpenBSD
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2017/01/05 05:42:19 Modified files: sbin/iked : parse.y sbin/ipsecctl : parse.y sbin/pfctl : parse.y usr.sbin/acme-client: parse.y usr.sbin/bgpd : parse.y usr.sbin/dvmrpd: parse.y usr.sbin/eigrpd: parse.y usr.sbin/hostapd: parse.y usr.sbin/httpd : parse.y usr.sbin/ifstated: parse.y usr.sbin/iscsictl: parse.y usr.sbin/ldapd : parse.y usr.sbin/ldpd : parse.y usr.sbin/ospf6d: parse.y usr.sbin/ospfd : parse.y usr.sbin/relayd: parse.y usr.sbin/ripd : parse.y usr.sbin/smtpd : parse.y usr.sbin/snmpd : parse.y usr.sbin/switchd: parse.y usr.sbin/vmd : parse.y usr.sbin/ypldap: parse.y Log message: Replace symset()'s hand-rolled for(;;) traversal of 'symhead' TAILQ with more modern TAILQ_FOREACH(). This what symget() was already doing. Add paranoia '{}' around body of symget()'s TAILQ_FOREACH(). No intentional functional change. ok bluhm@ otto@
Re: CVS: cvs.openbsd.org: src
On Thu, 5 Jan 2017 12:26:28 +0100 Stefan Sperlingwrote: > On Thu, Jan 05, 2017 at 04:18:54AM -0700, Stefan Sperling wrote: >> CVSROOT: /cvs >> Module name: src >> Changes by: s...@cvs.openbsd.org2017/01/05 04:18:54 >> >> Modified files: >> sys/arch/amd64/stand/libsa: softraid_amd64.c >> >> Log message: >> Fix boot(8) crashing on some amd64 machines when booting from softraid >> crypto. >> Allocate a 4k temp buffer on the heap instead of the stack. >> Problem was introduced in arch/amd64/stand/libsa/softraid_amd64.c r1.3. >> Reported by Andreas Bartelt on bugs@ >> ok krw@ kettenis@ yasuoka@ > > and ok deraadt@ also tested on 4k disk by gonzalo@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: rzalam...@cvs.openbsd.org 2017/01/05 05:10:54 Modified files: sys/netinet: ip_mroute.c Log message: Remove some unnecessary code abstractions and while here remove a splsoftnet. ok mikeb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mi...@cvs.openbsd.org 2017/01/05 04:47:02 Modified files: sys/dev/pv : hyperv.c Log message: Don't let producer index become equal with the consumer when writing A nod to the re.c commit by dlg@, perhaps pure paranoia, but works nevertheless. While here replace a more expensive modulo operation with a subtraction.
Re: CVS: cvs.openbsd.org: src
On Thu, Jan 05, 2017 at 04:18:54AM -0700, Stefan Sperling wrote: > CVSROOT: /cvs > Module name: src > Changes by: s...@cvs.openbsd.org2017/01/05 04:18:54 > > Modified files: > sys/arch/amd64/stand/libsa: softraid_amd64.c > > Log message: > Fix boot(8) crashing on some amd64 machines when booting from softraid crypto. > Allocate a 4k temp buffer on the heap instead of the stack. > Problem was introduced in arch/amd64/stand/libsa/softraid_amd64.c r1.3. > Reported by Andreas Bartelt on bugs@ > ok krw@ kettenis@ yasuoka@ and ok deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: s...@cvs.openbsd.org2017/01/05 04:18:54 Modified files: sys/arch/amd64/stand/libsa: softraid_amd64.c Log message: Fix boot(8) crashing on some amd64 machines when booting from softraid crypto. Allocate a 4k temp buffer on the heap instead of the stack. Problem was introduced in arch/amd64/stand/libsa/softraid_amd64.c r1.3. Reported by Andreas Bartelt on bugs@ ok krw@ kettenis@ yasuoka@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: st...@cvs.openbsd.org 2017/01/05 02:51:56 Modified files: etc/examples : pkg.conf Log message: sync
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: st...@cvs.openbsd.org 2017/01/05 02:51:42 Modified files: . : ftp.html ftplist openbgpd : ftp.html openssh: ftp.html portable.html openntpd : portable.html Log message: sync
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: st...@cvs.openbsd.org 2017/01/05 02:51:05 Modified files: build : mirrors.dat Log message: add httpslist to the list of files that need committing in the comment at top
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: st...@cvs.openbsd.org 2017/01/05 02:50:32 Modified files: build : mirrors.dat Log message: comment-out Erlangen mirror (openbsd.cs.fau.de); hw issues, requested by Simon Kuhnle
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2017/01/05 02:34:44 Modified files: usr.bin/mandoc : man.1 Log message: sort options list;
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: n...@cvs.openbsd.org2017/01/05 02:07:16 Modified files: usr.bin/tmux : cmd-queue.c key-string.c screen-write.c status.c tmux.h window-copy.c Log message: Highlight all occurrences of search string after searching in copy mode.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2017/01/05 01:24:38 Modified files: lib/libcrypto/man: ASN1_STRING_new.3 d2i_ASN1_OBJECT.3 Log message: minor tweaks;