CVS: cvs.openbsd.org: www

2021-03-02 Thread Damien Miller
CVSROOT: /cvs
Module name: www
Changes by: d...@cvs.openbsd.org 2021/03/02 21:03:14

Modified files:
openssh: releasenotes.html 
openssh/txt: release-8.5 

Log message:
update for 8.5



CVS: cvs.openbsd.org: src

2021-03-02 Thread Jonathan Gray
CVSROOT: /cvs
Module name: src
Changes by: j...@cvs.openbsd.org 2021/03/02 18:27:54

Modified files:
usr.sbin/vmd   : vioscsi.c 

Log message:
off by one in array bounds tests
ok mlarkin@



CVS: cvs.openbsd.org: www

2021-03-02 Thread Andrew Fresh
CVSROOT: /cvs
Module name: www
Changes by: afre...@cvs.openbsd.org 2021/03/02 18:07:51

Modified files:
faq: current.html 

Log message:
List outdated perl files that no longer come with 5.32.1



CVS: cvs.openbsd.org: www

2021-03-02 Thread Damien Miller
CVSROOT: /cvs
Module name: www
Changes by: d...@cvs.openbsd.org 2021/03/02 18:07:17

Modified files:
build  : Makefile 
build/mirrors  : openssh-ftp.html.head 
openssh: ftp.html index.html openbsd.html security.html 

Log message:
openssh-8.5



CVS: cvs.openbsd.org: www

2021-03-02 Thread Damien Miller
CVSROOT: /cvs
Module name: www
Changes by: d...@cvs.openbsd.org 2021/03/02 18:05:54

Added files:
openssh/txt: release-8.5 

Log message:
release notes for openssh-8.5



CVS: cvs.openbsd.org: src

2021-03-02 Thread David Gwynne
CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2021/03/02 17:00:03

Modified files:
sys/net: if_veb.c 

Log message:
clean up span ports as span ports, not bridge ports.

the visible result of this is that span ports aren't made promisc
like bridge ports. when cleaning up a span port, trying to take
promisc off it screwed up the refs, and it makes the underlying
interface not able to be promisc when it should be promisc.

found by dave voutila



CVS: cvs.openbsd.org: src

2021-03-02 Thread David Gwynne
CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2021/03/02 16:40:06

Modified files:
sys/net: if_veb.c 

Log message:
fix an assert in veb_p_ioctl() that failed when called by a span port.

veb_p_ioctl() is used by both veb bridge and veb span ports, but
it had an assert to check that it was being called by a veb bridge
port. this extends the check so using it on a span port doesn't cause
a panic.

found by dave voutila



CVS: cvs.openbsd.org: src

2021-03-02 Thread Ulf Brosziewski
CVSROOT: /cvs
Module name: src
Changes by: b...@cvs.openbsd.org 2021/03/02 15:35:19

Modified files:
sbin/wsconsctl : mousecfg.c 

Log message:
Read general and touchpad-specific wsmouse settings separately.
Correct the identification of the device type when reading the
touchpad parameters fails.

ok jcs@



CVS: cvs.openbsd.org: src

2021-03-02 Thread Todd C . Miller
CVSROOT: /cvs
Module name: src
Changes by: mill...@cvs.openbsd.org 2021/03/02 13:41:42

Modified files:
usr.bin/awk: b.c 

Log message:
Fix size computation in replace_repeat() for special_case REPEAT_WITH_Q.
This resulted in the NUL terminator being written to the end of the
buffer which was not the same as the end of the string.  That in
turn caused garbage bytes from malloc() to be processed.  Also
change the NUL termination to be less error prone by writing the
NUL immediately after the last byte copied.  OK sthen@



CVS: cvs.openbsd.org: src

2021-03-02 Thread Mark Lumsden
CVSROOT: /cvs
Module name: src
Changes by: l...@cvs.openbsd.org 2021/03/02 12:50:52

Modified files:
usr.bin/mg : interpreter.c 

Log message:
It is now possible to define single value variables in the startup file:

(define myfile d.txt)

And use them like:

(find-file myfile)



CVS: cvs.openbsd.org: src

2021-03-02 Thread Florian Obser
CVSROOT: /cvs
Module name: src
Changes by: flor...@cvs.openbsd.org 2021/03/02 12:20:13

Modified files:
sbin/dhcpleased: bpf.c 

Log message:
Only attach a fully configured bpf filter to a network interface.
I'm worried we could see packets we shouldn't during a small time window.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Theo de Raadt
CVSROOT: /cvs
Module name: src
Changes by: dera...@cvs.openbsd.org 2021/03/02 10:50:41

Modified files:
sys/net: art.h 

Log message:
include of netinet/in.h here is incorrect, because net/route.h will pull
excessive types into scope.
ok claudio



CVS: cvs.openbsd.org: src

2021-03-02 Thread Theo de Raadt
CVSROOT: /cvs
Module name: src
Changes by: dera...@cvs.openbsd.org 2021/03/02 10:43:04

Modified files:
lib/libc/sys   : mmap.2 

Log message:
document ENOTSUP wxallowed/wxneeded behaviour more clearly; ok kurt



CVS: cvs.openbsd.org: src

2021-03-02 Thread Claudio Jeker
CVSROOT: /cvs
Module name: src
Changes by: clau...@cvs.openbsd.org 2021/03/02 10:39:26

Modified files:
sbin/dhcpleased: frontend.c 

Log message:
Must include netinet/in.h before netinet/ip.h or bad things happen.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Joel Sing
CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org   2021/03/02 10:26:25

Modified files:
lib/libssl : tls12_record_layer.c 

Log message:
Separate variable declaration and assignment.

Requested by tb@



CVS: cvs.openbsd.org: src

2021-03-02 Thread Joel Sing
CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org   2021/03/02 10:24:37

Modified files:
lib/libssl : tls12_record_layer.c 

Log message:
Replace two handrolled tls12_record_protection_engaged().

Noted by tb@



CVS: cvs.openbsd.org: src

2021-03-02 Thread Joel Sing
CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org   2021/03/02 10:18:59

Modified files:
lib/libssl : tls12_record_layer.c 

Log message:
Move key/IV length checks closer to usage sites.

Also add explicit checks against EVP_CIPHER_iv_length() and
EVP_CIPHER_key_length().

Requested by tb@ during review.

ok tb@



CVS: cvs.openbsd.org: src

2021-03-02 Thread Florian Obser
CVSROOT: /cvs
Module name: src
Changes by: flor...@cvs.openbsd.org 2021/03/02 10:17:15

Modified files:
sbin/slaacd: engine.c 

Log message:
Fix indentation of switch / case. No binary change.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Joel Sing
CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org   2021/03/02 10:16:44

Modified files:
lib/libssl : tls12_record_layer.c 

Log message:
Add tls12_record_protection_unused() and call from CCS functions.

This moves the check closer to where a leak could occur and checks all
pointers in the struct.

Suggested by tb@ during review.

ok tb@



CVS: cvs.openbsd.org: src

2021-03-02 Thread Theo de Raadt
CVSROOT: /cvs
Module name: src
Changes by: dera...@cvs.openbsd.org 2021/03/02 10:11:29

Modified files:
sbin/resolvd   : resolvd.c 

Log message:
satisfy older gcc with poor warning generation



CVS: cvs.openbsd.org: src

2021-03-02 Thread Theo de Raadt
CVSROOT: /cvs
Module name: src
Changes by: dera...@cvs.openbsd.org 2021/03/02 09:39:46

Modified files:
sbin/resolvd   : resolvd.c 

Log message:
requires netinet/in.h



CVS: cvs.openbsd.org: src

2021-03-02 Thread Kenneth R Westerback
CVSROOT: /cvs
Module name: src
Changes by: k...@cvs.openbsd.org 2021/03/02 09:17:26

Modified files:
sbin/dhclient  : dispatch.c 

Log message:
Rename local variable 'cur_time' in set_timeout() to 'now' like
all the other struct timespec variables holding the current time.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Theo Buehler
CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2021/03/02 08:43:12

Modified files:
lib/libssl : ssl_lib.c 

Log message:
Fix misleading indentation in SSL_get_error()



CVS: cvs.openbsd.org: src

2021-03-02 Thread Mark Lumsden
CVSROOT: /cvs
Module name: src
Changes by: l...@cvs.openbsd.org 2021/03/02 08:03:35

Modified files:
usr.bin/mg : echo.c 

Log message:
This diff soaks up the user input while the maximum character
length boundary is crossed in the minibuffer and allows the user to see
the error message and respond accordingly.  The goto named "null"
changed to "skipkey" as per Emil Engler's suggestion on tech@.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Kenneth R Westerback
CVSROOT: /cvs
Module name: src
Changes by: k...@cvs.openbsd.org 2021/03/02 07:32:14

Modified files:
sbin/dhclient  : dhclient.c 

Log message:
Eliminate redundant checks for expired leases in ifi->leasedb. Simply
toss expired leases when writing the list to disk. And write the list
to disk before using a lease from it. Just make sure ifi->active
isn't tossed.



Re: CVS: cvs.openbsd.org: src

2021-03-02 Thread Alexandre Ratchov
On Tue, Mar 02, 2021 at 02:02:04PM +0100, Peter Hessler wrote:
> On 2021 Mar 02 (Tue) at 05:15:46 -0700 (-0700), Edd Barrett wrote:
> :Modified files:
> : usr.bin/sndiod : dev.c siofile.c 
> ...
> :We can only assume that if you deviate from defaults, then you know what
> :you are doing.
> 
> I notice that you didn't include any documentation on this.  Can you
> update the man page for how to use this, as I currently do not know what
> I am doing.

What we do when device lacks capabilities is not documented (yet). We
used to drop client connection; now we play/record silence to ease
seamless migration to/from play-only (or rec-only) devices without
disturbing programs.

Indeed, maybe it's worth adding a paragraph to describe what happens
if device doesn't support desired parameters & modes.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Mark Lumsden
CVSROOT: /cvs
Module name: src
Changes by: l...@cvs.openbsd.org 2021/03/02 06:06:50

Modified files:
usr.bin/mg : log.h log.c 

Log message:
Update logging with comments made by florian@ some time ago (i've not
updated logging to $HOME, but will do so). Also include mglog_misc()
which takes formatted input from Joachim Wiberg's mg. Thank you both.



Re: CVS: cvs.openbsd.org: src

2021-03-02 Thread Peter Hessler
On 2021 Mar 02 (Tue) at 05:15:46 -0700 (-0700), Edd Barrett wrote:
:Modified files:
:   usr.bin/sndiod : dev.c siofile.c 
...
:We can only assume that if you deviate from defaults, then you know what
:you are doing.

I notice that you didn't include any documentation on this.  Can you
update the man page for how to use this, as I currently do not know what
I am doing.

-- 
After an instrument has been assembled, extra components will be found
on the bench.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Edd Barrett
CVSROOT: /cvs
Module name: src
Changes by: e...@cvs.openbsd.org 2021/03/02 05:15:46

Modified files:
usr.bin/sndiod : dev.c siofile.c 

Log message:
sndiod: Allow alternative devices to support different modes.

Currently sndiod does not allow you to use alternative devices (-F
devices) which support only a subset of the modes of the main (-f)
device.

For example, if you do `sndiod -f rsnd/0 -F rsnd/1` and:
- rsnd/0 is full-duplex (rec + play).
- rsnd/1 is play-only.

Then you will be unable to use rsnd/1 as sndiod deems it incompatible
and refuses to use it (similarly if rsnd/1 is record-only).

This is annoying. It means if you want to use a record-only or play-only
device, you will either have to kill sndiod and restart it specifying
only that device (`sndiod -f rsnd/1` for the above example), or failing
that, downgrade the functionality of the main device (`-m play`).

This diff (a joint effort between ratchov@ and myself) makes mixing
devices with different modes possible. It does this by making both
recording and playing available for all devices, even if the underlying
hardware doesn't support both modes.

For example, if I try to record from a play-only device, then recording
will succeed, but the captured PCM data will be pure silence. Similarly,
if I try to play to a record-only device, then the audio stream will
disappear into the ether.

This is mostly a no-op for sndiod in the default configuration (except
that play-only devices now accept recording clients). If you use
alternative devices (-F), then it's possible for a record-only device to
be found first, which may be confusing if you just want to hear sound.
We can only assume that if you deviate from defaults, then you know what
you are doing.

With guidance from, and OK ratchov@, thanks!



CVS: cvs.openbsd.org: src

2021-03-02 Thread Florian Obser
CVSROOT: /cvs
Module name: src
Changes by: flor...@cvs.openbsd.org 2021/03/02 05:03:50

Modified files:
sbin/dhcpleased: dhcpleased.c 

Log message:
Make unveiling the lease directory a warning instead of a fatal error
when the lease directory does not exist.
This means that dhcpleased(8) will no longer request a previously
configured IP address from the dhcp server and will fall back to
DHCPDISCOVER which requests any IP address from the dhcp server.

This likely makes diskless(8) work with dhcpleased(8).

A normal diskless(8) setup has only / mounted via nfs when
dhcpleased(8) starts. /var exists but nothing is mounted there yet,
meaning /var/db/dhcpleased does not exist so lease files are disabled.
dhcpleased(8) sends a DHCPDISCOVER to request any IP address but since
the dhcp server has (very likely) a 'fixed-address' configured we get
the same IP back that is already configured.

If /var/db/dhcpleased/ exists on / (and /var is *NOT* mounted later)
in a diskless(8) setup, care must be taken that the root file system is
not shared between machines.

If /var/db/dhcpleased/ exists on / and /var on NFS is mounted over
this later bad things probably happen. This is a configuration error
and must be fixed.

discussed with deraadt@

Actual tests on existing diskless(8) setups would be appreciated.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Florian Obser
CVSROOT: /cvs
Module name: src
Changes by: flor...@cvs.openbsd.org 2021/03/02 05:01:40

Modified files:
sbin/dhcpleased: dhcpleased.c 

Log message:
Better unveil error messages; requested by deraadt some time ago.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Nicholas Marriott
CVSROOT: /cvs
Module name: src
Changes by: n...@cvs.openbsd.org 2021/03/02 04:00:38

Modified files:
usr.bin/tmux   : names.c spawn.c 

Log message:
Do not use NULL active window; also do not leak window name. GitHub
issue 2590 from Chester Liu.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Marc Espie
CVSROOT: /cvs
Module name: src
Changes by: es...@cvs.openbsd.org   2021/03/02 03:59:20

Modified files:
usr.sbin/pkg_add/OpenBSD: State.pm 

Log message:
finish GC old unintuitive interface
now handle_continue and find_window_size are fully separated.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Nicholas Marriott
CVSROOT: /cvs
Module name: src
Changes by: n...@cvs.openbsd.org 2021/03/02 03:56:45

Modified files:
usr.bin/tmux   : cmd-display-menu.c cmd-if-shell.c 
 cmd-run-shell.c format.c job.c popup.c spawn.c 
 tmux.1 tmux.h window-copy.c 

Log message:
Drop support for popups where the content is provided directly to tmux
(which does not have many practical uses) and only support running a
program in the popup. display-popup is now simpler and can accept
multiple arguments to avoid escaping problems (like the other commands).



CVS: cvs.openbsd.org: src

2021-03-02 Thread Martin Pieuchot
CVSROOT: /cvs
Module name: src
Changes by: m...@cvs.openbsd.org 2021/03/02 03:12:38

Modified files:
sys/uvm: uvm_pager.h uvm_vnode.c 

Log message:
Fix the deadlock between uvn_io() and uvn_flush() by restarting the fault.

Do not allow a faulting thread to sleep on a contended vnode lock to prevent
lock ordering issues with upcoming per-uobj lock.

ok anton@

Reported-by: syzbot+e63407b35dff08dbe...@syzkaller.appspotmail.com



CVS: cvs.openbsd.org: src

2021-03-02 Thread Martin Pieuchot
CVSROOT: /cvs
Module name: src
Changes by: m...@cvs.openbsd.org 2021/03/02 03:09:20

Modified files:
sys/uvm: uvm_vnode.c uvm_vnode.h 

Log message:
Revert the fix for the deadlock between uvn_io() and uvn_flush().

This fix (ab)uses the vnode lock to serialize access to some fields of
the corresponding pages associated with UVM vnode object and this will
create new deadlocks with the introduction of a per-uobj lock.

ok anton@



CVS: cvs.openbsd.org: src

2021-03-02 Thread Claudio Jeker
CVSROOT: /cvs
Module name: src
Changes by: clau...@cvs.openbsd.org 2021/03/02 02:45:07

Modified files:
usr.sbin/bgpd  : bgpd.conf.5 bgpd.h parse.y printconf.c rde.c 
 rde.h rde_decide.c rde_update.c 

Log message:
Introduce 'rde evaluate all' a mode to work around path hiding in IXP
route-server environments.

By default only the best path is sent to peers and if that path is filtered
then the path is hidden for that peer. On route-servers this is sometimes
not desired. For this 'rde evaluate all' will cause the evaluation process
to fall back to alternate routes and will redistribute the first non-filtered
path to the peer. This is very similar to per-peer RIBs but accomplishes
the same effect without the massive increase in memory usage. Compared to
the default mode this requires more CPU resources but it is probably less
than what per-peer RIBs would require.

'rde evaluate all' can be set and reset globally, on groups and on individual
neighbors. It is not limited to route-server configs but route loops are
possible if not properly used.

OK benno@



CVS: cvs.openbsd.org: src

2021-03-02 Thread Claudio Jeker
CVSROOT: /cvs
Module name: src
Changes by: clau...@cvs.openbsd.org 2021/03/02 02:23:59

Modified files:
usr.sbin/rpki-client: extern.h main.c mkdir.c 

Log message:
There is no longer the need to mkpathat(), the main process runs now from
the cachedir.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Klemens Nanni
CVSROOT: /cvs
Module name: src
Changes by: k...@cvs.openbsd.org 2021/03/02 02:18:58

Modified files:
sbin/resolvd   : resolvd.c 

Log message:
Add missing RCS marker



CVS: cvs.openbsd.org: src

2021-03-02 Thread Klemens Nanni
CVSROOT: /cvs
Module name: src
Changes by: k...@cvs.openbsd.org 2021/03/02 02:17:10

Modified files:
sbin/resolvd   : resolvd.c 

Log message:
Do not unveil unused unwind socket under SMALL

Remove unused STARTUP_WAIT_TIMO (since import),
add missing space to error message.



CVS: cvs.openbsd.org: src

2021-03-02 Thread Claudio Jeker
CVSROOT: /cvs
Module name: src
Changes by: clau...@cvs.openbsd.org 2021/03/02 02:08:59

Modified files:
usr.sbin/rpki-client: extern.h main.c output.c 

Log message:
Open both the cachedir and outputdir early and use fchdir(2) to
switch between the two.
OK deraadt@ job@
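
The pattern named in the log message above, as an added example that is not rpki-client code: two directories are opened once at startup and fchdir(2) switches between the held descriptors, so a later change to a directory's path name does not redirect writes. The directory and file names and the helpers write_in() and fchdir_demo() are assumptions made for this illustration.

```c
/* Added example (not rpki-client source); all paths are constructed. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Switch the working directory by descriptor, then create a file in it. */
static int write_in(int dirfd, const char *name, const char *data)
{
	size_t len = strlen(data);
	int fd;

	if (fchdir(dirfd) == -1 ||
	    (fd = open(name, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0644)) == -1)
		return -1;
	if (write(fd, data, len) != (ssize_t)len) {
		close(fd);
		return -1;
	}
	return close(fd);
}

/* Returns 0 if the file lands in the directory opened early, despite its later rename. */
int fchdir_demo(void)
{
	char base[] = "/tmp/fchdir-demo.XXXXXX";
	char cache[64], out[64], moved[64], check[96];
	struct stat st;
	int cachefd, outfd, rc = -1;
	if (mkdtemp(base) == NULL)
		return -1;
	snprintf(cache, sizeof(cache), "%s/cache", base);
	snprintf(out, sizeof(out), "%s/out", base);
	snprintf(moved, sizeof(moved), "%s/out.moved", base);
	snprintf(check, sizeof(check), "%s/result.txt", moved);
	if (mkdir(cache, 0700) == -1 || mkdir(out, 0700) == -1)
		return -1;
	/* Resolve both paths once, up front, and keep the descriptors. */
	cachefd = open(cache, O_RDONLY | O_DIRECTORY);
	outfd = open(out, O_RDONLY | O_DIRECTORY);
	if (cachefd == -1 || outfd == -1 || rename(out, moved) == -1)
		return -1;
	if (write_in(cachefd, "fetched.tmp", "cached\n") == 0 &&
	    write_in(outfd, "result.txt", "output\n") == 0 &&
	    stat(check, &st) == 0 && st.st_size == 7)
		rc = 0;
	close(cachefd);
	close(outfd);
	return rc;
}

int main(void) { return fchdir_demo() == 0 ? 0 : 1; }
```

The temporary directory under /tmp is left in place so the resulting files can be inspected.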



CVS: cvs.openbsd.org: src

2021-03-02 Thread Claudio Jeker
CVSROOT: /cvs
Module name: src
Changes by: clau...@cvs.openbsd.org 2021/03/02 02:00:46

Modified files:
usr.sbin/rpki-client: parser.c 

Log message:
When building the chain of the intermediate certificates do not include the
root node (which should be a trust anchor). Trust anchors were added to
the X509_store and having them in the chain is kind of wrong and confuses
the new libressl X509 validator.
OK tb@