OpenBSD src changes summary for 2017-11-27 ==========================================
bin/ksh etc/acme-client.conf regress/sys regress/usr.sbin sbin/dhclient sbin/iked sbin/pfctl share/man sys/arch/armv7/omap sys/arch/macppc/conf sys/ddb sys/dev/pci sys/kern sys/miscfs/fuse sys/net sys/net80211 sys/netinet6 sys/sys usr.bin/dc usr.bin/less usr.sbin/acme-client usr.sbin/bgpctl usr.sbin/relayd usr.sbin/smtpd usr.sbin/vmd == bin =============================================================== 01/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin ksh ~ vi.c > Follow emacs mode and remove the interactive "version" function. > ok jca, anton (who both had the same diff) and deraadt (tb@) == etc =============================================================== 02/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc acme-client.conf ~ acme-client.conf > Remove deprecated agreement url. > "nice" deraadt@ > OK benno (florian@) == regress =========================================================== 03/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress sys ~ kern/sosplice/tcp/args-reverse-long.pl > lenght->length, mostly in comments (sthen@) + kern/pledge/pledgepath/Makefile + kern/pledge/pledgepath/syscalls.c > Add the start of regression tests for upcoming pledgepath stuff. > still some more to add, and we won't link into regress until later > ok deraadt@ (beck@) ~ kern/pledge/pledgepath/syscalls.c > access and chflags (beck@) ~ kern/pledge/pledgepath/syscalls.c > symlink and a couple more... (beck@) ~ kern/pledge/pledgepath/syscalls.c > readlink and friends (beck@) ~ kern/pledge/pledgepath/syscalls.c > decriptor relative openat() and chmod (beck@) usr.sbin ~ syslogd/funcs.pl > lenght->length, mostly in comments (sthen@) == sbin ============================================================== 04/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ dhclient.c > Fix pasto so lease_rebind() returns rebind value and not > renewal value. (krw@) ~ dhclient.c > Simplify lease_as_string() logic to use a single time_t variable > and lease_[expiry|rebind|renewal]() functions. (krw@) iked ~ config.c ~ iked.c ~ iked.conf.5 ~ iked.h ~ ikev2.c ~ ikev2_msg.c ~ ikev2_pld.c ~ parse.y ~ pfkey.c ~ policy.c ~ types.h > Implement MOBIKE (RFC 4555) support in iked(8), with us acting as > responder. In practice this support means that clients like iPhones > can roam in different networks (LTE, WiFi) and change their external > addresses without having to re-do the whole handshake. It allows the > client to choose how and when to change the external tunnel endpoint > addresses on demand, depending on which network is better or even is > connected at all. > ok sthen@ > tweaks from jmc@ > tested by a handful (patrick@) pfctl ~ parse.y > The divert structure was using the port number to indicate that > divert-to or divert-reply was active. If the address was also set, > it meant divert-to. Divert packet used a separate structure. This > is confusing and makes it hard to add new features. It is better > to have a divert type that explicitly says what is configured. > Convert the pfctl(8) rule parser to divert types, kernel cleanup > will be the next step. > OK sashan@ (bluhm@) == share ============================================================= 05/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man9/malloc.9 > Remove MALLOC_DEBUG left overs. > From Klemens Nanni. (mpi@) == sys =============================================================== 06/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/armv7/omap ~ omdog.c > OMAP4 has two watchdog timers timer 2/MPU and timer 3/IVA. > Previously the device tree only described one but now it describes both. > Do not attempt to set the global variable that points to a softc or > register a watchdog if this has already been done. > Fixes rebooting on the OMAP4 based PandaBoard-ES with a device tree from > linux 4.15-rc1. (jsg@) arch/macppc/conf ~ GENERIC ~ RAMDISK > Enable ne(4) at pcmcia. > Tested by & diff from Donovan Watteau. (mpi@) ddb ~ db_command.c > Remove MALLOC_DEBUG left overs. > From Klemens Nanni. (mpi@) dev/pci ~ pcidevs > add SAS3.5 megaraids (jmatthew@) ~ pcidevs.h ~ pcidevs_data.h > regen (jmatthew@) ~ mfii.c > Add support for SAS3.5 megaraids, which are sold as Dell PERC H740P/840 and > Lenovo ThinkSystem RAID 530/930. The main differences are in fast path > IO, which we don't use, so all we have to deal with is some changes in the > raid context layout and different PCI BARs. The mfii_iop structure gets > rearranged a bit to accommodate these. > tested on a perc h740p and a h730 (by dlg@) > ok dlg@ (jmatthew@) ~ drm/drm_linux.h ~ drm/i915/intel_sprite.c > Revise the linux sleeping compat code to avoid lock ordering problems. > Based on a diff from mpi@. > ok guenther@, mpi@ (kettenis@) ~ if_oce.c > lenght->length, mostly in comments (sthen@) kern ~ kern_sig.c > Fix comment typo (guenther@) miscfs/fuse ~ fuse_vnops.c > When renaming a file, unlock the target vnode if the target file exists. > ok mpi@ (helg@) ~ fuse_lookup.c > Check access before creating a file or directory. > input and ok mpi@ (helg@) ~ fuse_vnops.c > Change fusefs_link to return EPERM if the source file is a directory. > Now aligns with link(2) man page and ffs regress tests. > ok phessler@, jca@ (helg@) net ~ fq_codel.c > lenght->length, mostly in comments (sthen@) ~ pfvar.h > The divert structure was using the port number to indicate that > divert-to or divert-reply was active. If the address was also set, > it meant divert-to. Divert packet used a separate structure. This > is confusing and makes it hard to add new features. It is better > to have a divert type that explicitly says what is configured. > Convert the pfctl(8) rule parser to divert types, kernel cleanup > will be the next step. > OK sashan@ (bluhm@) net80211 ~ ieee80211_ioctl.c > Stop reporting WPA and WEP keys back to userland. > The kernel is not a password database; look your wifi keys up elsewhere. > Discussed with several. > ok phessler@ jca@ (stsp@) netinet6 ~ nd6.c ~ nd6.h > Use a single timer for all ND6 entries. > This prevents a use-after-free reported by Hrvoje Popovski where the > timeout function was already sleeping on the NET_LOCK() when ifconfig(8) > removed the enry from the table. > By iterating on a global list in the timeout routine we ensure that the > items are still valid when we process them. This also reduce differences > with ARP. > ok bluhm@, visa@ (mpi@) sys ~ malloc.h > Remove MALLOC_DEBUG left overs. > From Klemens Nanni. (mpi@) == usr.bin =========================================================== 07/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin dc ~ bcode.c > Safer handling of the jump_table[] in dc's bcode.c > Based on a diff sent to tech@ by kshe59 (at)zoho (dot) eu - thanks > ok otto@, who also remembered to check the regression tests (tom@) less ~ linenum.c > Use CLOCK_MONOTONIC for the delay before printing "Calculating line > numbers" > from Scott Cheloha who's pushing this upstream. ok tb@ (jca@) == usr.sbin ========================================================== 08/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin acme-client ~ acme-client.conf.5 ~ extern.h ~ json.c ~ main.c ~ netproc.c ~ parse.h ~ parse.y > Deprecate agreement url config option and get the information from the > directory call. This way we don't need to update the acme-client.conf > file every time it changes. Still parse the option, ignore and warn about > it for a release. Sysmerge should be able to handle the removal. > "nice" deraadt@ > OK benno (florian@) ~ util.c ~ parse.h > lenght->length, mostly in comments (sthen@) bgpctl ~ bgpctl.c > lenght->length, mostly in comments (sthen@) relayd ~ relay_http.c > Simplify relay_close_http(), make relay_httpdesc_free() accept and ignore > a NULL pointer argument (like free()). Also switch a !size to size == 0. > OK benno@ (claudio@) ~ relay.c > relay_tls_connected() is playing with the inner bowels of bufferevents. > Be more careful and remove the events before resetting them to the new > backends. This is also what some of the bufferevent functions are doing. > OK benno@ (claudio@) ~ relay_http.c > rfc 7230 mandates that a "204 No Content" http status must not come with a > Content-Lenght Header. Of course some servers still so it and send > Content-Lenght: 0. Adjust accordingly. > ok claudio@ (benno@) ~ relay.c > Do not rip out the output buffer of the bufferevent. Instead just use an > initial bufferevent_write_buffer() to write out the queued up HTTP request. > OK benno@ (claudio@) ~ ca.c ~ config.c ~ parse.y ~ relay.c ~ relayd.c ~ relayd.h > Use file descriptor passing to load certificates into the relays. > Especially > the ca file (having all the trusted certs in them) can be so big that > loading > via imsg fails. > OK beck@ (claudio@) ~ relay.c > Add a DPRINTF() in relay_error() that helped me out way too many times. > (claudio@) ~ relay.c > lseek/read is racy when there is multiple consumers. Use pread instead. > Solves the startup issues seen by bluhm@. pread idea from guenther@. > While there save the errno in the error case. > OK bluhm@ (claudio@) ~ ca.c > Make ca_launch error messages unique. > OK claudio@ (bluhm@) ~ config.c ~ parse.y ~ relay.c ~ relayd.conf.5 ~ relayd.h > Change the ecdhe curve configuration to the same way httpd is doing it. > This removes 'no ecdh' and renames 'ecdh curve auto' to ecdhe default. > The code uses now tls_config_set_ecdhecurves(3) so it is possible to > specify multiple curves now. If people specified curves in their config > they need to adjust their config now. > OK beck@ (claudio@) smtpd ~ control.c ~ lka.c > Show correct command execution status by checking against update > operation return value. > Issue reported by 'Zelest' (Jesper Wallin). > Suggestions and ok eric@ gilles@. (sunil@) vmd ~ loadfile_elf.c > typo in comments "optionel" -> "optional" (mlarkin@) =============================================================================== _______________________________________________ odc mailing list odc@squish.net http://www.squish.net/mailman/listinfo/odc