CVS: cvs.openbsd.org: src

[Claudio Jeker]

CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2018/11/18 02:36:23

Modified files:
usr.sbin/bgpd  : parse.y 

Log message:
Use correct name when printing the error message that a network prefix-set
is not found. Fixes crash reported by Tom Smyth.

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/18 01:55:51

Modified files:
usr.sbin/tcpdump: print-ether.c 

Log message:
later versions of 802.1Q replaced the vlan CFI field with DEI

CFI stood for canonical format indicator, and basically said whether
the payload was ethernet of fddi (with 0 meaning ethernet).

DEI stands for drop eligibility indicator

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/18 01:53:37

Modified files:
usr.sbin/tcpdump: print-ether.c 

Log message:
handle the 802.1Q i-tag format for provider backbone bridges.

CVS: cvs.openbsd.org: src

[Jonathan Matthew]

CVSROOT:/cvs
Module name:src
Changes by: jmatt...@cvs.openbsd.org2018/11/18 01:46:57

Modified files:
sys/dev/pci: xhci_pci.c 

Log message:
When parsing extended capabilities, bail out if a register read returns
-1/0x, so we don't run off the end of the register area and crash.
The controller doesn't initialise, but this is still an improvement.
Seen on Dell R6415s when booting in BIOS mode, and possibly on some
Supermicro systems.

ok mpi@

CVS: cvs.openbsd.org: src

[Jonathan Matthew]

CVSROOT:/cvs
Module name:src
Changes by: jmatt...@cvs.openbsd.org2018/11/18 01:42:15

Modified files:
sys/dev/pci: if_ixl.c 

Log message:
request notification of link state changes, which helps us detect
link when it takes a bit longer to establish.

ok dlg@

CVS: cvs.openbsd.org: src

[Mark Lumsden]

CVSROOT:/cvs
Module name:src
Changes by: l...@cvs.openbsd.org2018/11/18 00:57:28

Modified files:
usr.bin/mg : mg.1 

Log message:
small clean up of dired section
ok jmc@

CVS: cvs.openbsd.org: src

[Theo de Raadt]

CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2018/11/17 16:48:22

Modified files:
etc/root   : root.mail 

Log message:
add the missing space.  in the future, should mail -f the file to ensure it is 
correct format

CVS: cvs.openbsd.org: src

[Scott Soule Cheloha]

CVSROOT:/cvs
Module name:src
Changes by: chel...@cvs.openbsd.org 2018/11/17 16:10:08

Modified files:
lib/libc/sys   : sysctl.2 
sys/kern   : kern_pledge.c kern_sched.c kern_sysctl.c 
sys/sys: sched.h sysctl.h 
usr.bin/systat : cpu.c vmstat.c 
usr.bin/top: display.c display.h machine.c machine.h top.c 

Log message:
Add new KERN_CPUSTATS sysctl(2) so we can identify offline CPUs.

Because of hw.smt we need a way to determine whether a given CPU is "online"
or "offline" from userspace.  KERN_CPTIME2 is an array, and so cannot be
cleanly extended for this purpose, so add a new sysctl(2) KERN_CPUSTATS
with an extensible struct.  At the moment it's just KERN_CPTIME2 with a
flags member, but it can grow as needed.

KERN_CPUSTATS appears to have been defined by BSDi long ago, but there are
few (if any) packages in the wild still using the symbol so breakage in ports
should be near zero.  No other system inherited the symbol from BSDi, either.

Then, use the new sysctl(2) in systat(1) and top(1):

- systat(1) draws placeholder marks ('-') instead of percentages for
offline CPUs in the cpu view.

- systat(1) omits offline CPU ticks when drawing the "big bar" in
the vmstat view.  The upshot is that the bar isn't half idle when
half your logical CPUs are disabled.

- top(1) does not draw lines for offline CPUs; if CPUs toggle on or
offline in interactive mode we redraw the display to expand/reduce
space for the new/missing CPUs.  This is consistent with what some
top(1) implementations do on Linux.

- top(1) omits offline CPUs from the totals when CPU totals are
combined into a single line (the '-1' flag).

Originally prompted by deraadt@.  Discussed endlessly with deraadt@,
ketennis@, and sthen@.  Tested by jmc@ and jca@.  Earlier versions also
discussed with jca@.  Earlier versions tested by jmc@, tb@, and many
others.

docs ok jmc@, kernel bits ok ketennis@, everything ok sthen@,
"Is your stuff in yet?" deraadt@

CVS: cvs.openbsd.org: src

[Claudio Jeker]

CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2018/11/17 13:46:12

Modified files:
usr.bin/kdump  : ktrstruct.c 

Log message:
Be more careful when dumping cmsghdr struct. In the SCM_RIGHTS case an
extra check for a truncated cmsghdr needs to be done since the embeded
lenght may be longer than the supplied buffer (MSG_CTRUNC case).
OK deraadt@

CVS: cvs.openbsd.org: src

[Martin Pieuchot]

CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2018/11/17 13:17:10

Modified files:
sys/dev/usb: usb_subr.c usbdivar.h 

Log message:
free(9) size for USB subdevs array.

ok ratchov@, visa@

CVS: cvs.openbsd.org: src

[Daniel Dickman]

CVSROOT:/cvs
Module name:src
Changes by: dan...@cvs.openbsd.org  2018/11/17 13:09:03

Modified files:
share/misc : airport 

Log message:
consistency.

CVS: cvs.openbsd.org: src

[Theo Buehler]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2018/11/17 12:11:14

Modified files:
sys/kern   : Tag: OPENBSD_6_4 vfs_lockf.c 
sys/sys: Tag: OPENBSD_6_4 lockf.h 

Log message:
A recent change to POSIX file locks could cause incorrect results during
lock acquisition.

OpenBSD 6.4 errata 004

CVS: cvs.openbsd.org: src

[Theo Buehler]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2018/11/17 12:03:57

Modified files:
sys/kern   : Tag: OPENBSD_6_3 vfs_lockf.c 
sys/sys: Tag: OPENBSD_6_3 lockf.h 

Log message:
A recent change to POSIX file locks could cause incorrect results during
lock acquisition.

OpenBSD 6.3 errata 023

CVS: cvs.openbsd.org: src

[Todd C . Miller]

CVSROOT:/cvs
Module name:src
Changes by: mill...@cvs.openbsd.org 2018/11/17 11:55:50

Modified files:
sys/kern   : kern_event.c 

Log message:
Avoid leaking kernel memory in struct kevent padding.
>From NetBSD (maxv).  OK deraadt@ visa@

CVS: cvs.openbsd.org: src

[Theo Buehler]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2018/11/17 11:55:42

Modified files:
lib/libcrypto/ec: Tag: OPENBSD_6_4 ec2_smpl.c ec_lcl.h ec_lib.c 
  ecp_mont.c ecp_nist.c ecp_nistp224.c 
  ecp_nistp256.c ecp_nistp521.c ecp_nistz256.c 
  ecp_smpl.c 

Log message:
Implement coordinate blinding for EC_POINT as an additional mitigation
for the portsmash vulnerability.

OpenBSD 6.4 errata 003

CVS: cvs.openbsd.org: src

[Theo Buehler]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2018/11/17 11:46:43

Modified files:
lib/libcrypto/dsa: Tag: OPENBSD_6_3 dsa_ossl.c 
lib/libcrypto/ecdsa: Tag: OPENBSD_6_3 ecs_ossl.c 

Log message:
Use a blinding value when generating DSA and ECDSA signatures, in order to
reduce the possibility of a side-channel attack leaking the private key.

OpenBSD 6.3 errata 022

CVS: cvs.openbsd.org: src

[Theo de Raadt]

CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2018/11/17 11:14:58

Modified files:
bin/ksh: main.c 

Log message:
Use a very regular call pattern to pledge, so that we can continue to
grep and compare the use in all programs..

CVS: cvs.openbsd.org: src

[Theo de Raadt]

CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2018/11/17 10:22:38

Modified files:
etc/examples   : bgpd.conf 

Log message:
make the bogon set competely or-longer, rather than having to manage it
or-longer at useage time.
ok job benno

CVS: cvs.openbsd.org: src

[Bryan Steele]

CVSROOT:/cvs
Module name:src
Changes by: bry...@cvs.openbsd.org  2018/11/17 09:52:02

Modified files:
usr.sbin/tcpdump: privsep_pcap.c privsep.c 

Log message:
tcpdump(8) monitor process privdrop

The privsep monitor process handles all privileged operations on behalf
of the unprivileged "packet parser" process. Once it enters its runtime
state, it only needs to:

* Perform DNS and other "numbers to names" lookups, sending results
back over a pipe/socketpair.
* Display the final packet statistics on ^C.

We can finally now drop root privileges in this process as well, as bpf
BIOCGSTATS is still permitted by non-root on open descriptors after it
has been permanently locked with BIOCLOCK. This provides some additional
protection, to go along with the already tight unveil(2) and pledge(2)
restrictions.

With this change tcpdump(8) completely drops root privileges at runtime.

ok mestre@, deraadt@

CVS: cvs.openbsd.org: src

[Bob Beck]

CVSROOT:/cvs
Module name:src
Changes by: b...@cvs.openbsd.org2018/11/17 04:22:43

Modified files:
lib/libssl : ssl_clnt.c ssl_lib.c 

Log message:
Fix DTLS, because DTLS still remains a special flower, allows regress to pass

CVS: cvs.openbsd.org: src

[Mark Lumsden]

CVSROOT:/cvs
Module name:src
Changes by: l...@cvs.openbsd.org2018/11/17 02:52:34

Modified files:
usr.bin/mg : paragraph.c 

Log message:
fix undo in transpose-paragraph.

CVS: cvs.openbsd.org: src

[Theo Buehler]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2018/11/17 02:34:11

Modified files:
lib/libcrypto/asn1: asn1_lib.c 

Log message:
Fix whitespace around assignment operators.

CVS: cvs.openbsd.org: src

[Theo de Raadt]

CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2018/11/16 18:40:51

Modified files:
libexec/getty  : main.c 

Log message:
need to closefrom(0) before execve(), otherwise tty isn't properly
'hung up'; some testing by Theodore Wynnychenko

CVS: cvs.openbsd.org: src

[Bob Beck]

CVSROOT:/cvs
Module name:src
Changes by: b...@cvs.openbsd.org2018/11/16 14:20:15

Modified files:
lib/libssl : ssl_clnt.c 

Log message:
revert previous

CVS: cvs.openbsd.org: src

[Philip Guenther]

CVSROOT:/cvs
Module name:src
Changes by: guent...@cvs.openbsd.org2018/11/16 14:15:47

Modified files:
libexec/ld.so  : loader.c resolve.c resolve.h 
libexec/ld.so/aarch64: rtld_machine.c 
libexec/ld.so/alpha: rtld_machine.c 
libexec/ld.so/amd64: rtld_machine.c 
libexec/ld.so/arm: rtld_machine.c 
libexec/ld.so/hppa: rtld_machine.c 
libexec/ld.so/i386: rtld_machine.c 
libexec/ld.so/m88k: rtld_machine.c 
libexec/ld.so/mips64: rtld_machine.c 
libexec/ld.so/powerpc: rtld_machine.c 
libexec/ld.so/sh: rtld_machine.c 
libexec/ld.so/sparc64: rtld_machine.c 

Log message:
Finish ld.so's transition to GNU_RELRO: eliminate support for using
__got_{start,end} to find a region to mark read-only.  It was only used
for binaries that didn't have a GNU_RELRO segment, but all archs have
been using that for over a year.  Since support for insecure-PLT layouts
on powerpc and alpha have been removed, all archs handle GNU_RELRO the
same way and the support can be moved from the MD code to the MI code.

ok mpi@

CVS: cvs.openbsd.org: src

[Bob Beck]

CVSROOT:/cvs
Module name:src
Changes by: b...@cvs.openbsd.org2018/11/16 14:07:20

Modified files:
lib/libssl : ssl_clnt.c 

Log message:
Fix DTLS. Because the DTLS code is strange. I am really coming around to
joel's line of thinking about it

CVS: cvs.openbsd.org: src

[Eric Faurot]

CVSROOT:/cvs
Module name:src
Changes by: e...@cvs.openbsd.org2018/11/16 13:55:59

Modified files:
usr.sbin/smtpd : smtpd.c 

Log message:
add missing imsg names

CVS: cvs.openbsd.org: src

[Eric Faurot]

CVSROOT:/cvs
Module name:src
Changes by: e...@cvs.openbsd.org2018/11/16 13:55:23

Modified files:
usr.sbin/smtpd : smtp_session.c 

Log message:
when using smtps, tls initialisation must occur after FILTER_CONNECTED
has been evaluated.

ok gilles@

CVS: cvs.openbsd.org: src

[Anton Lindqvist]

CVSROOT:/cvs
Module name:src
Changes by: an...@cvs.openbsd.org   2018/11/16 13:20:17

Modified files:
regress/sys/dev: Makefile 

Log message:
+wscons

CVS: cvs.openbsd.org: src

[Anton Lindqvist]

CVSROOT:/cvs
Module name:src
Changes by: an...@cvs.openbsd.org   2018/11/16 13:19:21

Added files:
regress/sys/dev/wscons: Makefile sigio.c 

Log message:
Add wscons regress tests, currently limited to SIGIO handling.

CVS: cvs.openbsd.org: src

[Anton Lindqvist]

CVSROOT:/cvs
Module name:src
Changes by: an...@cvs.openbsd.org   2018/11/16 13:17:49

src/regress/sys/dev/wscons

Update of /cvs/src/regress/sys/dev/wscons
In directory cvs.openbsd.org:/tmp/cvs-serv92268/wscons

Log Message:
Directory /cvs/src/regress/sys/dev/wscons added to the repository

CVS: cvs.openbsd.org: src

[Patrick Wildt]

CVSROOT:/cvs
Module name:src
Changes by: patr...@cvs.openbsd.org 2018/11/16 13:11:52

Modified files:
sys/dev/fdt: sximmc.c 

Log message:
Add support for Allwinner A64's eMMC controller.  It is essentially
the same as the MMC controller but has the same DMA max length as
the A10 SoC.  This makes the eMMC work on the Pinebook.

ok jsg@

CVS: cvs.openbsd.org: src

[Reyk Floeter]

CVSROOT:/cvs
Module name:src
Changes by: r...@cvs.openbsd.org2018/11/16 12:45:40

Modified files:
usr.sbin/rad   : frontend.c 

Log message:
Don't fatal if IPV6_LEAVE_GROUP fails.

The underlying interface might have been destroyed or detached and
rad(8) will just cope with that.

OK florian@

CVS: cvs.openbsd.org: src

[joshua stein]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2018/11/16 11:21:07

Modified files:
sys/dev/pci: pcidevs.h pcidevs_data.h 

Log message:
regen

CVS: cvs.openbsd.org: src

[joshua stein]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2018/11/16 11:20:33

Modified files:
sys/dev/pci: pcidevs 

Log message:
add more intel 100 series devices

CVS: cvs.openbsd.org: src

[Jason McIntyre]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2018/11/16 05:27:32

Modified files:
share/man/man7 : ports.7 

Log message:
punctuation and macro can go on the same line;

CVS: cvs.openbsd.org: src

[Jason McIntyre]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2018/11/16 05:25:29

Modified files:
sbin/ifconfig  : ifconfig.8 

Log message:
sort previous;

CVS: cvs.openbsd.org: src

[Martin Pieuchot]

CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2018/11/16 04:57:29

Modified files:
sys/dev/usb: uhci.c 

Log message:
free(9) sizes for interrupt & isochronous arrays.

ok visa@

CVS: cvs.openbsd.org: src

[Martin Pieuchot]

CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2018/11/16 04:56:42

Modified files:
sys/dev/usb: usb_subr.c 

Log message:
free(9) sizes for array of interfaces.

ok visa@

CVS: cvs.openbsd.org: src

[Martin Pieuchot]

CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2018/11/16 04:55:56

Modified files:
sys/dev/usb: umidi.c 

Log message:
free(9) sizes for array of endpoints.

ok ratchov@

CVS: cvs.openbsd.org: src

[Marc Espie]

CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2018/11/16 03:06:11

Modified files:
share/man/man5 : bsd.port.mk.5 

Log message:
document DUMMY_PACKAGE

CVS: cvs.openbsd.org: src

[Marc Espie]

CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2018/11/16 02:54:40

Modified files:
share/man/man7 : ports.7 

Log message:
kill INDEX thoroughly, point users at portslist, sqlports, pkglocatedb

CVS: cvs.openbsd.org: src

[Marc Espie]

CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2018/11/16 02:49:15

Modified files:
share/man/man5 : bsd.port.mk.5 

Log message:
move describe to obsolete targets

CVS: cvs.openbsd.org: src

[Marc Espie]

CVSROOT:/cvs
Module name:src
Changes by: es...@cvs.openbsd.org   2018/11/16 02:18:04

Modified files:
share/man/man5 : bsd.port.mk.5 

Log message:
document reprepare

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/16 01:43:52

Modified files:
share/man/man4 : vlan.4 

Log message:
switch from link0 and llprio to txprio for forcing dot1p prios

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/16 01:44:28

Modified files:
sbin/ifconfig  : ifconfig.8 

Log message:
vlan uses txprio too

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/16 01:43:08

Modified files:
sys/net: if_vlan.c if_vlan_var.h 

Log message:
use txprio, not link0 and llprio, to set the dot1p field in the header.

if you're using llprio and link0, you'll need to update your config.

ok claudio@

CVS: cvs.openbsd.org: src

[Nicholas Marriott]

CVSROOT:/cvs
Module name:src
Changes by: n...@cvs.openbsd.org2018/11/15 23:41:58

Modified files:
bin/ksh: main.c misc.c 

Log message:
Include "id" in pledge (for setres[ug]id, setgroups) if the shell is
privileged and remove it when dropping privileges (set +p), setting a
flag to make sure we don't do it again.

ok deraadt millert

CVS: cvs.openbsd.org: src

[Damien Miller]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 23:17:38

Modified files:
usr.bin/ssh: sshconnect.c 

Log message:
redirect stderr of ProxyCommands to /dev/null when ssh is started with
ControlPersist; based on patch from Steffen Prohaska

CVS: cvs.openbsd.org: src

[Damien Miller]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 23:10:29

Modified files:
usr.bin/ssh: sshbuf.c 

Log message:
make grandparent-parent-child sshbuf chains robust to use-after-free
faults if the ancestors are freed before the descendents. Nothing in
OpenSSH uses this deallocation pattern. Reported by Jann Horn

CVS: cvs.openbsd.org: src

[Philip Guenther]

CVSROOT:/cvs
Module name:src
Changes by: guent...@cvs.openbsd.org2018/11/15 22:05:44

Modified files:
libexec/ld.so  : resolve.c 

Log message:
Borrow an idea from DragonFly BSD: factor out the "does this symbol match what
we're looking up?" logic from _dl_find_symbol_obj() into matched_symbol(), so
that the former is just the "iterate across the hash" logic.

matched_symbol() returns zero on "not found", one on "found strong
symbol", and negative one on "found weak symbol".  The last of those lets
the caller give up on this object after finding a weak symbol, as there's
no point in continuing to search for a strong symbol in the same object.

ok mpi@

CVS: cvs.openbsd.org: src

[Damien Miller]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 20:26:01

Modified files:
usr.bin/ssh: auth.c misc.c misc.h readconf.c servconf.c 
 session.c sftp.c sshd.c 

Log message:
use path_absolute() for pathname checks; from Manoj Ampalam

CVS: cvs.openbsd.org: src

[Damien Miller]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 20:03:10

Modified files:
usr.bin/ssh: scp.c 

Log message:
disallow empty incoming filename or ones that refer to the current
directory; based on report/patch from Harry Sintonen

CVS: cvs.openbsd.org: src

[Damien Miller]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 19:46:21

Modified files:
usr.bin/ssh: sshconnect2.c 

Log message:
fix bug in client that was keeping a redundant ssh-agent socket around
for the life of the connection; bz#2912; reported by Simon Tatham;
ok dtucker@

CVS: cvs.openbsd.org: src

[Damien Miller]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 19:43:56

Modified files:
usr.bin/ssh: monitor.c 

Log message:
fix bug in HostbasedAcceptedKeyTypes and PubkeyAcceptedKeyTypes options.
If only RSA-SHA2 siganture types were specified, then authentication would
always fail for RSA keys as the monitor checks only the base key (not the
signature algorithm) type against *AcceptedKeyTypes.
bz#2746; reported by Jakub Jelen; ok dtucker

CVS: cvs.openbsd.org: src

[Bob Beck]

CVSROOT:/cvs
Module name:src
Changes by: b...@cvs.openbsd.org2018/11/15 19:41:16

Modified files:
lib/libssl : ssl_cert.c ssl_clnt.c ssl_sigalgs.c 
 ssl_sigalgs.h 

Log message:
Unbreak legacy ciphers for prior to 1.1 by setting having a legacy
sigalg for MD5_SHA1 and using it as the non sigalgs default
ok jsing@

CVS: cvs.openbsd.org: src

[Damien Miller]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 19:30:20

Modified files:
usr.bin/ssh: sftp.1 sftp.c 

Log message:
support a prefix of '@' to suppress echo of sftp batch commands;
bz#2926; ok dtucker@

CVS: cvs.openbsd.org: src

[Ted Unangst]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2018/11/15 19:16:17

Modified files:
lib/libfuse: fuse.c fuse_private.h 

Log message:
Handle signals that get sent to any thread
from Rian Hunter

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 18:21:12

Modified files:
share/man/man4 : gre.4 eoip.4 

Log message:
document txprio ioctl support

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 18:10:51

Modified files:
sbin/ifconfig  : ifconfig.8 

Log message:
document txprio

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 17:58:17

Modified files:
sbin/ifconfig  : ifconfig.8 

Log message:
gre has a few siblings now

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 16:05:10

Modified files:
share/man/man4 : gre.4 

Log message:
admin that eoip(4) comes from the gre pseudo device driver

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 16:01:19

Modified files:
share/man/man4 : gre.4 

Log message:
spell an ioctl command better.

from markus@

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/15 15:22:03

Modified files:
sys/net: if_vxlan.c 

Log message:
add support for txprio configuration

CVS: cvs.openbsd.org: src

[Jason McIntyre]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2018/11/15 14:27:31

Modified files:
sys/arch/hppa/hppa: fpemu.S 

Log message:
one more typo noticed while pasting miod a reply;

CVS: cvs.openbsd.org: src

[Philip Guenther]

CVSROOT:/cvs
Module name:src
Changes by: guent...@cvs.openbsd.org2018/11/15 14:25:44

Modified files:
libexec/ld.so  : resolve.c 

Log message:
Put all the symbol lookup parameters (except the object being searched) and
the return pointers into a structure and pass that to _dl_find_symbol_obj().
Set sl->sl_obj_out in _dl_find_symbol_obj() so that the callers don't
need to each record the object.

ok mpi@

CVS: cvs.openbsd.org: src

[Jason McIntyre]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2018/11/15 14:24:48

Modified files:
sys/arch/hppa/hppa: fpemu.S 

Log message:
fix typos in comments; from miod

CVS: cvs.openbsd.org: src

[Henning Brauer]

CVSROOT:/cvs
Module name:src
Changes by: henn...@cvs.openbsd.org 2018/11/15 06:16:37

Modified files:
sys/net: pf.c 

Log message:
in the "pf: key search" debug message, add the direction. interface *and*
dir make debugging much easier than the if alone.

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2018/11/15 03:38:53

Modified files:
usr.bin/tmux   : cmd-choose-tree.c cmd-display-panes.c 

Log message:
Add [template] to display-panes and choose-{buffer,client,tree} usage

OK nicm

CVS: cvs.openbsd.org: src

[Theo Buehler]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2018/11/14 22:53:31

Modified files:
lib/libcrypto/ec: ecp_smpl.c 

Log message:
Port OpenSSL commit 99540ec79491f59ed8b46b4edf130e17dc907f52 -- mitigation
for a timing vullnerability in ECDSA signature generation (CVE-2018-0735).

Note that the blinding that we introduced back in June for ECDSA and DSA
should mitigate this and related issues. This simply adds an additional
layer of protection.

discussed with jsing

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/14 20:22:01

Modified files:
sbin/pfctl : parse.y 

Log message:
scrub opts dont set tos, so remove it from the scrub_opts struct

ok deraadt@

CVS: cvs.openbsd.org: src

[Theo de Raadt]

CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2018/11/14 20:04:10

Modified files:
libexec/getty  : main.c pathnames.h 

Log message:
Theodore Wynnychenko discovered the gettytab "lo=path" feature didn't work
anymore with unveil wired to /usr/bin/login.  So let's parse gettytab a bit
earlier to learn which login path to unveil. Later in the loop gettytab is
re-parsed, if the login changes re-exec getty to reach the unveil from the top.
ok millert, also discussed with mestre

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/14 17:05:00

Modified files:
sys/net: if_gre.c 

Log message:
the variable holding the ip tos should be called tos, not ttl.

no functional change.

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/14 16:55:04

Modified files:
sys/netinet: ip_ecn.c ip_ecn.h ip_ipip.c 
sys/net: if_gif.c 

Log message:
provide ip_tos_patch() for setting ip_tos and patching the ipv4 cksum.

previously the gif code would patch the tos field and not recalc
the cksum, which would cause ip input code to drop the packet due
to a cksum failure. the ipip code patched ip_tos and unconditionally
recalculated the cksum, making it correct, but also wiping out any
errors that may have been present before the recalculation. updating
the cksum rather than replacing it lets cksum failures still fire.

ip_tos_patch() is provided in the ecn code since it's because of ecn
propagation that we need to update the tos field. internally it
works like pf_patch_8 and pf_cksum_fixup, but since pf is optional
it rolls its own code. procter may fix that in the future...

ok claudio@

CVS: cvs.openbsd.org: src

[Klemens Nanni]

CVSROOT:/cvs
Module name:src
Changes by: k...@cvs.openbsd.org2018/11/14 14:25:04

Modified files:
sbin/ifconfig  : ifconfig.c 

Log message:
Warn on deprecated 'vlan' and 'vlandev' option usage

These were superseeded by 'vnetid' and 'parent' in june 2017 and will be
removed in the future.

"Looks right" deraadt, OK benno

CVS: cvs.openbsd.org: src

[Stuart Henderson]

CVSROOT:/cvs
Module name:src
Changes by: st...@cvs.openbsd.org   2018/11/14 13:43:48

Modified files:
lib/libedit: Makefile 
gnu/lib/libreadline: Makefile 
lib/libcurses  : shlib_version 

Log message:
Record an inter-library dependency on libcurses in libedit and libreadline,
avoiding runtime failures on architectures using ld.lld. Also add a note to
libcurses shlib_version reminding about bumps (as done with libcrypto/libssl).

Thanks guenther@ for suggestions of tests involving library bumps and jca@
for doing these tests and hint about DPADD.

Looks good kettenis@, ok jca@

CVS: cvs.openbsd.org: src

[Martin Pieuchot]

CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2018/11/14 10:52:48

Modified files:
sys/kern   : subr_extent.c 

Log message:
Revert previous, it breaks regress.

CVS: cvs.openbsd.org: src

[Martin Pieuchot]

CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2018/11/14 10:48:52

Modified files:
sys/kern   : subr_extent.c 

Log message:
Userland malloc(3) & free(3) take only one argument.

CVS: cvs.openbsd.org: src

[Ricardo Mestre]

CVSROOT:/cvs
Module name:src
Changes by: mes...@cvs.openbsd.org  2018/11/14 10:24:14

Modified files:
lib/libssl : ssl_lib.c 

Log message:
Fix wrong sizeof argument by using 'uint16_t *', with minor nit from tb@,
instead of 'uint16_t'

Found with llvm's static analyzer, noticed that it was also already reported in
Coverity CID 155890 and to ensure this was correct also inspected OpenSSL's
equivalent code.

OK tb@ and jsing@

CVS: cvs.openbsd.org: src

[Ricardo Mestre]

CVSROOT:/cvs
Module name:src
Changes by: mes...@cvs.openbsd.org  2018/11/14 10:24:01

Modified files:
usr.sbin/bgpd  : config.c 

Log message:
Plug memory leak in host()'s error code path

OK claudio@

CVS: cvs.openbsd.org: src

[Martin Pieuchot]

CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2018/11/14 10:18:18

Modified files:
sys/dev/usb: usb.c 

Log message:
free(9) sizes for configuration descriptors, missed in previous.

CVS: cvs.openbsd.org: src

[Martin Pieuchot]

CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2018/11/14 10:07:44

Modified files:
sys/net: bridgectl.c if_bridge.c 

Log message:
Batch copyout(9)s in preparation for finer locking.

Tested by Hrvoje Popovski, inputs and ok visa@

CVS: cvs.openbsd.org: src

[Martin Pieuchot]

CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2018/11/14 10:00:33

Modified files:
sys/dev/usb: ugen.c usb_subr.c 

Log message:
free(9) sizes for configuration descriptors.

ok tedu@, visa@

CVS: cvs.openbsd.org: src

[Ted Unangst]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2018/11/14 08:53:31

Modified files:
bin/mv : mv.1 

Log message:
mv imitates, but no longer uses, cp and rm to cross filesystems.

CVS: cvs.openbsd.org: src

[Martijn van Duren]

CVSROOT:/cvs
Module name:src
Changes by: mart...@cvs.openbsd.org 2018/11/14 08:16:09

Modified files:
usr.bin/join   : join.c 

Log message:
Remove slurpit definition. Leftover from earlier cleanup by otto@.

CVS: cvs.openbsd.org: src

[Claudio Jeker]

CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2018/11/14 07:03:36

Modified files:
usr.sbin/bgpd  : bgpd.h rde_filter.c 

Log message:
Remove an unneeded union wrapping the skipsteps pointer.
OK phessler@

CVS: cvs.openbsd.org: src

[Claudio Jeker]

CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2018/11/14 05:14:41

Modified files:
usr.sbin/bgpd  : rde_rib.c 

Log message:
Adjust comment.

CVS: cvs.openbsd.org: src

[Martijn van Duren]

CVSROOT:/cvs
Module name:src
Changes by: mart...@cvs.openbsd.org 2018/11/14 03:59:33

Modified files:
usr.bin/sed: extern.h main.c process.c sed.1 

Log message:
Make sed's -i flag more compatible with what gsed does.
- Reset the hold-space in between files
- quit the editor as soon as a 'q' command is found
- Make sure the temp-file is written back to the original file if we quit
the editor

temp-file not written back issue found by Time Chase.
Lots of feedback from millert@ and schwarze@
OK millert@

CVS: cvs.openbsd.org: src

[Jonathan Gray]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2018/11/13 23:37:36

Modified files:
sys/dev/pci/drm/radeon: radeon_fb.c 

Log message:
Add back part of the changes to takeover the firmware framebuffer on
sparc64 lost in the update to linux 4.4.  Compile tested only.

CVS: cvs.openbsd.org: src

[Theo Buehler]

CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2018/11/13 23:24:21

Modified files:
usr.bin/openssl: s_client.c 

Log message:
didn't found -> didn't find.

>From Edgar Pettijohn III

CVS: cvs.openbsd.org: src

[Jonathan Gray]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2018/11/13 21:36:02

Modified files:
sys/dev/pci/drm/radeon: radeon_fb.c 

Log message:
Setup radeondrm burner task.  Missed when updating to linux 4.4.
Fixes wsconsctl display.screen_off panic reported by Dmitry Murti.

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/13 20:20:04

Modified files:
sys/net: if_gif.c 

Log message:
remove the encapsulation headers before looking at the inner headers

it works less well when you look before the adj

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/13 19:49:15

Modified files:
sys/net: if_gif.c 

Log message:
revert 1.121. i got confused between ecn on ingress and egress

CVS: cvs.openbsd.org: src

[Bob Beck]

CVSROOT:/cvs
Module name:src
Changes by: b...@cvs.openbsd.org2018/11/13 19:27:15

Modified files:
lib/libssl : ssl_sigalgs.c 

Log message:
In TLS1.2 we use evp_sha1 if we fall back this far, not evp_md5_sha1 as in 1.1
Makes connections to outlook.office365.com work

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/13 18:30:38

Modified files:
sys/net: if_gif.c 

Log message:
get ecn ingress args the right way round. again.

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/13 18:27:00

Modified files:
sys/net: if_gre.c 

Log message:
use the txprio setting to populate the tos in keepalive packets.

the mbuf prio will still be set according to the llprio value, but the
tos on the packet may be forced to a specific number by txprio

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2018/11/13 18:06:06

Modified files:
sys/net: if_gre.c if_gif.c 

Log message:
according to ip_ipip.c, rfc1853 says not to copy the ttl on decapsulation

rfc1853 is about IP in IP Tunneling. rfc2003 about IP Encapsulation
within IP agrees.

CVS: cvs.openbsd.org: src

[Claudio Jeker]

CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2018/11/13 09:54:30

Modified files:
regress/usr.sbin/bgpd/config: Makefile 
Added files:
regress/usr.sbin/bgpd/config: bgpd.conf.10.in bgpd.conf.10.ok 

Log message:
check various community combinations

CVS: cvs.openbsd.org: src

[Visa Hankala]

CVSROOT:/cvs
Module name:src
Changes by: v...@cvs.openbsd.org2018/11/13 09:27:22

Modified files:
regress/sys/kern/sigio: sigio_common.c 

Log message:
Add some coverage for the ioctl() interface.

CVS: cvs.openbsd.org: src

[Bob Beck]

CVSROOT:/cvs
Module name:src
Changes by: b...@cvs.openbsd.org2018/11/13 08:50:54

Modified files:
lib/libssl : ssl_sigalgs.c 

Log message:
Temporary workaround for breakage seen in www.videolan.org with curve mismatch