CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: bent...@cvs.openbsd.org 2019/06/08 00:51:20 Modified files: . : lyrics.html Log message: Allow lyrics.html to validate. Side-by-side comparison reveals no rendering differences, except minor whitespace.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2019/06/07 20:52:20 Modified files: sys/arch/i386/stand/boot: conf.c sys/arch/i386/stand/libsa: exec_i386.c sys/arch/amd64/stand/boot: conf.c sys/arch/amd64/stand/libsa: exec_i386.c Log message: When loading intel microcode in the non-efi case, error if the file is larger than 256KB not 128KB to cope with the 06-8e-09 microcode which is currently 193KB. Reported and tested by Paul de Weerd. Matches a diff from claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: l...@cvs.openbsd.org2019/06/07 20:22:07 Modified files: share/man/man5 : bsd.port.mk.5 Log message: Fix two minor errors in the recent PERMIT_* commit: * Add a missing comma * "cdrom" should be "CD-ROMs" ok espie@ jmc@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dtuc...@cvs.openbsd.org 2019/06/07 16:56:37 Modified files: lib/libc/hash : sha1.c sha2.c Log message: Cast bitcount to u_in64_t before bit shifting to prevent integer overflow on 32bit platforms which cause incorrect results when adding a block >=512M in size. sha1 patch from ante84 at gmail.com via openssh github, sha2 with djm@, ok tedu@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2019/06/07 14:52:13 Modified files: share/man/man4 : ukspan.4 usb.4 Log message: ukspan.4: add OpenBSD id usb.4: sort ukspan entry and sync with Nd
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2019/06/07 14:46:25 Modified files: lib/libcrypto/man: BN_generate_prime.3 BN_rand.3 DH_generate_key.3 DH_generate_parameters.3 DSA_do_sign.3 DSA_generate_key.3 DSA_generate_parameters.3 DSA_sign.3 EVP_BytesToKey.3 EVP_OpenInit.3 EVP_SealInit.3 PKCS5_PBKDF2_HMAC.3 Log message: Remove the last references to the RAND_*(3) functions. These references were misleading because these functions are no longer used internally and applications should not call them either. Issue brought up by tb@.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2019/06/07 14:09:16 Modified files: lib/libcrypto/man: evp.3 Log message: link to EVP_EncodeInit(3), which was the only missing child page
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: n...@cvs.openbsd.org2019/06/07 14:09:17 Modified files: usr.bin/tmux : server-client.c server.c tmux.h Log message: Do not load the config file if the server is exiting because it failed to start, otherwise commands like lsk which start the server again can end up looping infinitely. Also make the first client exit correctly. Problem reported by Wael M Nasreddine.
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: st...@cvs.openbsd.org 2019/06/07 14:07:48 Modified files: faq: current.html Log message: I had to rollback to an older MariaDB and then roll forward again when updating because the old version hadn't shutdown cleanly first; add some upgrade notes in the hope it stops others from having to do the same.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2019/06/07 13:59:11 Modified files: lib/libcrypto/man: EVP_PKEY_new.3 Log message: link back to evp(3), just like for the other group entry pages
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2019/06/07 13:40:35 Modified files: lib/libcrypto/man: HMAC.3 PKCS5_PBKDF2_HMAC.3 Log message: Remove pointless direct backlinks from the leaf pages HMAC(3) and PKCS5_PBKDF2_HMAC(3) to the top level page evp(3). The leaf pages still have backlinks to the group entry page EVP_DigestInit(3), which is enough. Redundancy and asymmetry pointed out by tb@.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: schwa...@cvs.openbsd.org2019/06/07 13:28:52 Modified files: lib/libcrypto/man: d2i_PKCS8PrivateKey_bio.3 evp.3 PKCS7_decrypt.3 Log message: remove cross-references to the obsolete function OpenSSL_add_all_algorithms(3)
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2019/06/07 11:45:53 Modified files: distrib/sets/lists/man: mi Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2019/06/07 10:27:47 Modified files: libexec/ld.so : loader.c Log message: make gc workaround compile on non-clang
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2019/06/07 10:07:00 Modified files: sys/arch/amd64/conf: GENERIC sys/dev/usb: files.usb share/man/man4 : Makefile ucom.4 usb.4 Added files: sys/dev/usb: ukspan.c share/man/man4 : ukspan.4 Log message: add ukspan(4), a driver for the Keyspan USA19HS USB serial adapter written by Cody Cutler
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2019/06/07 10:06:08 Modified files: sys/dev/usb: usbdevs.h usbdevs_data.h Log message: regen
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2019/06/07 10:05:55 Modified files: sys/dev/usb: usbdevs Log message: add Keyspan USA-19HS
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2019/06/07 09:40:42 Modified files: sys/dev/acpi : acpi.c acpivar.h Log message: Introduce acpi_getsta() and use it to eliminate some duplicated code. ok patrick@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: st...@cvs.openbsd.org 2019/06/07 09:09:44 Modified files: lib/libssl : Tag: OPENBSD_6_5 ssl_tlsext.c Log message: MFC libssl fix - rev 1.49 (commitid: DLpHk0vyoFEK0Baa) --- Relax parsing of TLS key share extensions on the server. The RFC does not require X25519 and it also allows clients to send an empty key share when the want the server to select a group. The current behaviour results in handshake failures where the client supports TLS 1.3 and sends a TLS key share extension that does not contain X25519. --- (this fixes server side in some cases with TLS 1.3 clients with what would normally be unusual config - however triggered by recent Firefox packages on Fedora, https://bugzilla.redhat.com/show_bug.cgi?id=1713777)
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: st...@cvs.openbsd.org 2019/06/07 09:04:06 Modified files: usr.sbin/bgpd : Tag: OPENBSD_6_5 kroute.c Log message: MFC bgpd fix - rev 1.236 (commitid: cMekh4Uss55PgVUe) Fix reloading of network statements that have no fixed prefix specification. The return value of kr_net_redist_add() was not as intended and so kr_redistribute() removed those networks on config reloads.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: st...@cvs.openbsd.org 2019/06/07 09:03:17 Modified files: usr.sbin/bgpd : Tag: OPENBSD_6_5 parse.y Log message: MFC bgpd fix - rev 1.389 (commitid: sS30LBpY2rPoMUFf) Also check the type of a network statement when looking for duplicates. Fixes adding network 0.0.0.0/0 after network inet static.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: st...@cvs.openbsd.org 2019/06/07 09:02:29 Modified files: usr.sbin/bgpd : Tag: OPENBSD_6_5 rde_update.c Log message: MFC bgpd fix - rev 1.110 (commitid: caT0IdwFlZr7OxNo) fix export default-route.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2019/06/07 08:39:57 Modified files: distrib/alpha/miniroot: list distrib/amd64/ramdiskA: Makefile distrib/amd64/ramdisk_cd: Makefile distrib/arm64/ramdisk: list distrib/armv7/ramdisk: list distrib/hppa/ramdisk: list distrib/i386/ramdisk: Makefile distrib/i386/ramdisk_cd: Makefile distrib/landisk/ramdisk: list distrib/loongson/ramdisk: list distrib/luna88k/ramdisk: list distrib/macppc/ramdisk: list distrib/octeon/ramdisk: list distrib/sgi/ramdisk: list distrib/sparc64/miniroot: list distrib/sparc64/ramdisk: list distrib/sparc64/ramdiskB: list Added files: distrib/amd64/ramdiskA: list distrib/amd64/ramdisk_cd: list distrib/i386/ramdisk: list distrib/i386/ramdisk_cd: list Removed files: distrib/amd64/common: list distrib/amd64/ramdiskA: list.local distrib/amd64/ramdisk_cd: list.local distrib/i386/common: list distrib/i386/ramdisk: list.local distrib/i386/ramdisk_cd: list.local distrib/miniroot: list Log message: eliminate differences between all the list files as much as possible, and remove the failed previous attempts at sharing in ./miniroot and ./ramdisk. maybe now that differences are eliminated we can start a new sharing effort? i dunno..
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2019/06/07 08:38:42 Modified files: distrib/miniroot: makeconf.awk Log message: Add -lz to the library list, since one architecture (armv7) needs it and there is no downside for others.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dtuc...@cvs.openbsd.org 2019/06/07 08:18:48 Modified files: usr.bin/ssh: channels.c packet.c readconf.c umac.h Log message: Typo and spelling fixes in comments and error messages. Patch from knweiss at gmail.com via -portable.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: flor...@cvs.openbsd.org 2019/06/07 05:46:33 Modified files: sbin/slaacd: engine.c Log message: Reyk's ISP sends him router advertisements from non-link local addresses about every 10 - 30 seconds. Reduce log level to debug to stop the syslog spam. OK reyk
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: a...@cvs.openbsd.org2019/06/07 04:55:41 Modified files: lib/libkvm : kvm_proc2.c Log message: fix print not specified process. ok guenther@ yasuoka@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2019/06/07 03:45:48 Modified files: usr.sbin/bgpd : rde_update.c bgpd.conf.5 Log message: Refactor up_get_nexthop() to work for all AFI/SAFI cases. Additionally clean up the possible nexthop overrides to better match the RFC. - set nexthop self is still overriding all other decisions - set nexthop no-modify has only relevance for ebgp multihop links Instead of using the router locall address the nexthop is passed unmodified - set nexthop depends on BGP session type * for IBGP sessions the address will be used unless it is the same as the remote peers address * for directly connected EBGP sessions the address is only used if the IP is part of the connected network (no matter what other flags are used). * for multihop EBGP sessions it depends if no-modify was also set Adjust manual page to explain this properly. "probably OK" job@
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: flor...@cvs.openbsd.org 2019/06/07 02:16:17 Modified files: faq: current.html Log message: Mention acme-client api url change
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: flor...@cvs.openbsd.org 2019/06/07 02:08:30 Modified files: etc/examples : acme-client.conf Log message: Switch to v02 api url.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: flor...@cvs.openbsd.org 2019/06/07 02:07:52 Modified files: usr.sbin/acme-client: acctproc.c acme-client.1 certproc.c extern.h http.c http.h json.c main.c netproc.c Log message: Implement RFC 8555 "Automatic Certificate Management Environment (ACME)" to be able to talk to the v02 Let's Encrypt API. With this acme-client(1) will no longer be able to talk to the v01 API. Users must change the api url in /etc/acme-client.conf to https://acme-v02.api.letsencrypt.org/directory Existing accounts (and certs of course) stay valid and after the url change acme-client will be able to renew certs. Tested by Renaud Allard and benno Input & OK benno
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: l...@cvs.openbsd.org2019/06/07 01:54:05 Modified files: usr.bin/mg : util.c Log message: Amend showcpos() to show more information about how mg is operating. The additions help while developing mg by not having to go into gdb to see somethings mg believes about itself. The extra data shown could be removed in future, but it is benign so perhaps it could stay. Also, do not fake a '\n' on the end of buffer. It is confusing. However do not change the lie about '\n' being on the end of every line within the buffer. Hopefully, one day, that will no longer be a lie.