CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: mill...@cvs.openbsd.org 2023/05/25 16:43:48 Modified files: . : ftp.html ftplist httpslist build : mirrors.dat openbgpd : ftp.html openntpd : portable.html openssh: ftp.html portable.html rpki-client: portable.html Log message: openbsd.se.rit.edu is no more.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/05/25 13:35:58 Modified files: sys/dev/ic : mfi.c mpi.c sys/dev/pci: mfii.c mpii.c sys/scsi : scsi_base.c Log message: Disable witness for mutexes created on the stack which allows the ddb command 'show witness' to succeed without panicking. Leaving witness enabled on these mutexes saves a pointer to struct lock_type on the stack which gets clobbered resulting in a panic in witness_ddb_display_descendants(). okay miod@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/05/25 13:32:34 Modified files: sys/kern : subr_witness.c sys/arch/sparc64/conf: GENERIC.MP Log message: Work around sparc64 WITNESS kernel failing to load by moving large witness data structures from bss to be allocated in witness_initialize(). Tested on sparc64, amd64, arm64, i386, octeon. okay miod@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2023/05/25 08:20:25 Modified files: usr.sbin/bgpd : session.c Log message: In session_process_msg() recheck the validity of the rbuf before moving the remaining data around. There is an improbable case where a NOTIFICATION is received while also reaching the MSG_PROCESS_LIMIT. In this case rbuf is NULL when breaking out of the for loop and hitting this code. sthen@ is the (un)lucky person to hit that improbable case OK tb@ sthen@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2023/05/25 06:52:56 Modified files: usr.sbin/rpki-client: main.c Log message: Update usage add -P epoch
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2023/05/25 06:49:39 Modified files: usr.sbin/rpki-client: repo.c Log message: Fix repo_cleanup_entry() state machine so that the repository lookups are done when the full repo path is available. Without this all repo lookups returned NULL and the code did not work as intended. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: o...@cvs.openbsd.org2023/05/25 05:37:58 Modified files: usr.sbin/smtpd : smtpd.h Log message: remove two unused defines last PROC_COUNT use was removed with the switch to fork+exec by eric@ in 2016, CA_FILE with the removal of cert.c two years ago. ok tb@, kn@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: st...@cvs.openbsd.org 2023/05/25 03:41:46 Modified files: etc: services Log message: After RFC 9110, the IANA services registry now lists both udp and tcp for https (HTTP/3 over QUIC). Add it to /etc/services so that it's included when /etc/rc populates sysctl net.inet.udp.baddynamic. suggested by Renauld Allard, ok tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: o...@cvs.openbsd.org2023/05/25 01:46:21 Modified files: lib/libtls : tls.c Log message: Forcibly update the EVP_PKEY's internal key To aid privilege separation, libtls maintains application-specific data on the key inside the EVP_PKEY abstraction because the EVP API doesn't provide a way to do that on the EVP_PKEY itself. OpenSSL 3 changed behavior of EVP_PKEY_get1_RSA() and related functions. These now return a struct from some cache. Thus, modifying the RSA will no longer modify the EVP_PKEY like it did previously, which was clearly implied to be the case in the older documentation. This is a subtle breaking change that affects several applications. While this is documented, no real solution is provided. The transition plan from one OpenSSL major version to the next one tends to involve many #ifdef in the ecosystem, and the only suggestion provided by the new documentation is to switch to a completely unrelated, new API. Instead, forcibly reset the internal key on EVP_PKEY after modification, this way the change is picked up also by OpenSSL 3. Fixes issue 1171 in OpenSMTPD-portable ok tb@, jsing@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2023/05/25 01:45:33 Modified files: sys/kern : vfs_sync.c Log message: Do not use wakeup_proc() outside of the sleep machinery. Just use wakeup_one(). OK mpi@